Meralco is a good example of a company overdoing online security in places where the actual risk is low.
Meralco is a utility company. It is not a bank, an e-wallet provider, or a financial institution holding customer funds. The information it needs to protect—customer name, service address, and billing amount—is important, but it does not carry the same risk profile as banking credentials or stored monetary value. The security approach should reflect that difference.
Continue reading When Security Becomes Friction for Meralco Online