Email to Essential smartphone users causes alarm

in #news7 years ago

Essential made a rookie mistake with a support email it recently sent to its smartphone users, causing people to think it was from a hacker.

essential-phone-andy-rubin-100724319-large.jpg

The term “improperly configured” is a real plague on the IT landscape.

It can refer to a firewall protecting an enterprise; it can create problems on a web server. For one newly minted smartphone company, it can also look pretty embarrassing.

Essential phone recently sent an email to customers asking for proof of identity. This request was a little odd in the first place — who does that anymore? The email basically asked customers to send a picture of a photo identification or passport by email. From a security standpoint, that’s a bit like asking people to text your credit card number to a hacker.

Where things really went south, though, is when those customers who responded to the email realized they had transmitted that security information to everyone else on the email chain.

Essential later admitted the error and said it was due to a configuration problem on a ZenDesk support email. Oops. At first, it seemed like a hacker had done some dirty work.

Andy Rubin, the famed Android creator and founder of Essential, sent out an apology:
"Being a founder in an intensely competitive business means you occasionally have to eat crow. It's humiliating, it doesn't taste good, and often, it's a humbling experience. As Essential's founder and CEO, I'm personally responsible for this error and will try my best to not repeat it."

That Essential email should never have gone out
The problem with the whole fiasco is that it should never have happened, even at a small company. For starters, who was testing the email process? From what I understand about how emails are often sent out to customers — especially an email newsletter — there’s typically a test to make sure everything works and to get approvals from stakeholders.

For example, you send out a test email to a few people first and make sure everything works, the formatting is correct, the sender looks legit, a reply works, and the links operate as expected. Accidents happen. That’s why, for a newsletter, companies do a test run to see if there are any anomalies. It’s not really acceptable to say the accident happened “live” with the real email.

You could say — it takes time and effort. But that’s not really an excuse if you plan ahead a little. If a mass email needs to go out on Friday, you can schedule a test for Thursday, fix the problems (in Zendesk, or MailChimp, or whatever tool you are using) and then proceed.

More than anything, it makes me wonder how much the company tested the phone itself. Hopefully, if you bought one and need support, you won’t find out it was a mistake.

#technology
7 years ago in #news by
$0.00
    3 votes
    Reply 3
    Sort:  
  • Trending
    • [-]
     6 years ago 

    Congratulations @iaslam70! You have received a personal award!

    1 Year on Steemit
    Click on the badge to view your Board of Honor.

    Do not miss the last post from @steemitboard:
    SteemitBoard and the Veterans on Steemit - The First Community Badge.

    Do you like SteemitBoard's project? Then Vote for its witness and get one more award!

    $0.00
      Reply
      [-]
       5 years ago 

      Congratulations @iaslam70! You received a personal award!

      Happy Birthday! - You are on the Steem blockchain for 2 years!

      You can view your badges on your Steem Board and compare to others on the Steem Ranking

      Vote for @Steemitboard as a witness to get one more award and increased upvotes!
      $0.00
        Reply

        Coin Marketplace

        STEEM 0.16
        TRX 0.15
        JST 0.028
        BTC 56006.20
        ETH 2375.33
        USDT 1.00
        SBD 2.33