The current issues surrounding Sony’s little security problem have been fairly public, and can be considered the biggest issue in gaming to date this year. If you’re not familiar with the PSN issues I’m talking about then I recommend checking out BC’s quick primer by techbeever. It outlines what happened, how Sony flubbed PR, and makes you wonder whether or not you should leave your PS3 in the “naughty corner” as the beever has.
It’s a fair question, really. When the compromising of personal information is involved, it puts customer loyalty to the test, and even the continued loyalty of Sony’s core customers will be called into question. Plugging up those security holes isn’t Sony’s only problem. They need to figure out a way to keep the customers they have, and a simple “mea culpa” just isn’t going to cut it. Sony’s Kaz Hirai held a press conference in Tokyo yesterday to try and begin that process; offering an apology; an outline on what Sony is prepared to do to make their customers happy; and a bow, a traditional Japanese expression of apology and regret (traditionally the depth and length of time of the bow denotes severity and yesterday’s bows clocked in at 7 seconds). There was also an accompanying press release on the PlayStation blog.
To try to beef up security, Sony has made a new position reporting directly to the CIO, called the Chief Information Security Officer, whose sole job is to manage security and countermeasures to prevent this sort of thing from happening again. Actual new security methods put in place include more encryption; automated monitoring to protect the network from new attacks; better intrusion detection; changes in password change policies; and of course, some additional firewalls. Also to add a little bit of spy-style secrecy, they have moved their datacenter to an undisclosed location. Either way, I’m curious as to how a company that handles such a high volume of user transactions on a daily basis could have gone this long without someone in the CIO’s office whose only responsibility was “keep out the unwanted.” Customers trust them with their information by signing up for the PSN. It should have at the very least been something on Sony’s radar or part of some sort of contingency plan.
The news went on to detail what exactly they are doing to keep their customers. As Hirai says in the press release, “… we will be launching a customer appreciation program for registered consumers as a way of expressing our gratitude for their loyalty during this network downtime, as we work even harder to restore and regain their trust in us and our services.” They’ll be doing that with what they call the “Welcome Back” Appreciation Program, which is said to “be tailored to specific markets to provide our consumers with a selection of service options and premium content as an expression of the company’s appreciation for their patience, support and continued loyalty.” In it, they will provide the following:
- Each territory will be offering selected PlayStation entertainment content for free download. Specific details of this content will be announced in each region soon.
- All existing PlayStation Network customers will be provided with 30 days free membership in the PlayStation Plus premium service. Current members of PlayStation Plus will receive 30 days free service.
- Music Unlimited powered by Qriocity subscribers (in countries where the service is available) will receive 30 days free service.
In addition to the free premium service, Sony is offering to assist users who opt to enroll in identity theft protection services on their own dime. Details are unavailable right now, but will be made available soon at the regional and local level.
So that’s what you get – free premium and Qriocity service for 30 days, the promise to do better, a re-rollout of services by as early as this week, and enrollment in an identity theft protection program. The press release also mentions other additional service offerings to be rolled out in the next couple of weeks.
It’s the first step on a long road back. Users may forgive, but they won’t forget anytime soon. The timing of this attack is made even worse for Sony with the announcement of their upcoming handheld NGP device. With a hack on this scale, this situation could possibly alienate not only current but potential customers on NGP launch day.
So what are you going to do? Will you leave your PS3 to gather dust or give Sony another chance?