A quick follow-up on Funkmaster’s post from Thursday: On 4/30, Sony released more details about restoring PSN and attempting to woo back customers.
Not everything is set in stone, but it’s worth looking at the press release/blog post. Sony is promising a “Welcome Back” program that includes the following features:
- Each territory will be offering selected PlayStation entertainment content for free download. Specific details of this content will be announced in each region soon.
- All existing PlayStation Network customers will be provided with 30 days free membership in the PlayStation Plus premium service. Current members of PlayStation Plus will receive 30 days free service.
- Music Unlimited powered by Qriocity subscribers (in countries where the service is available) will receive 30 days free service.
The company also promises “additional “Welcome Back” entertainment and service offerings” to be rolled out in the coming weeks.
Is that enough for you – a free month of PlayStation Plus and a free PSN game? It’s hard to get excited about the free content that’s promised, because Microsoft set a precedent of mediocrity in this regard several years ago; I’m not holding my breath about the quality of this newest round of freebies. I’m also pretty uninterested in a free month of PlayStation Plus, since Sony never sold me (or many people) on the value of this service in the first place. I appreciate the general direction implied by the name “Welcome Back”, and these moves are nice gestures, but they don’t feel that relevant to me personally.
On the other hand, I’m paying attention to Sony’s actions related to long-term change within the organization. The company is revamping PSN’s security architecture (duh), and they’re creating a new senior-level position dedicated to data security and customer privacy. Sony also continues to engage outside security consultants – which I think is essential, given the apparently massive blind spot within the company that allowed this situation to unfold as it did. And when PSN services begin to be restored this week, Sony will force all users to reset their password via basic two-factor authentication: not just logging into their old account, but also performing the password change operation either on their original PS3 hardware (where the PSN account was first created) or via the personal email address associated with the PSN account. These actions fall short of the forward-looking changes that Funkmaster advocated last week…but they might be a decent start.
Has Sony learned its lesson – or have you?
Not exactly what I had hoped. 30 days of Playstation Plus proves it’s just lip service, in my opinion. Obviously, you give out a 30 day trial for two reasons, to give users something for free so they feel like the are getting a benefit and to help sell the service to those who may end up wanting to keep it long term. 30 days isn’t enough for me to become confident in Sony again, and definitely not enough for me to feel compelled to purchase a service which I didn’t feel I had a need for previously. 3 or better yet 6 months…anything less, don’t bother.
The free game option should be a choice from a select list, because if Sony picks a game you already own (or worse, something almost worthless), that benefit is instantly nullified.
Also, more importantly, they made no mention of the other things I was looking for, such as being able to purge my credit card data from their system permanently. That is the one thing they really have to do at this point. They’ve proven they can’t be trusted with my personal data.
Lastly, as our own security expert Zeus had mentioned, if Sony had been taking security seriously, why is it just now they are getting around to hiring a chief information security officer? A multi-billion dollar international company that has millions of online transactions everyday with all that personal data — who was in charge of security? Obviously, no one. They’re only doing it now because they *have* to.
No mention of being able to mange your own personal data. No mention of credit monitoring services. Patronizing freebies. More empty phrases like thanking me for my patience and letting me know they are “taking it seriously.”
While they still have time to amend these terms, I am unimpressed by this announcement. It’s basically what i expected, but I hoped they’d take this opportunity to do something different.
Not that I am a big PS3 gamer or anything. I tend to use it more for media vs. gaming. I doubt that sony will be getting much more money from me. The lack of a CISO does explain some things. Especially when we look 5 years in the past at that cdrom debacle.
As you say, it’s pretty incredible they didn’t already have a position like that – considering that they’re a multibillion-dollar global corp with customer data from probably several hundred million people worldwide (over 70 million just from PSN). And the fact that they’ve been so clueless about this stuff so far doesn’t make me optimistic about the future impact of that one new position. On the other hand, the proof is in the pudding moving forward. They haven’t put much on the table so far, but the window’s still open. (How’s that for a triple mixed metaphor?)
“We deeply apologize for the inconvenience we have caused,” said the head of Sony PlayStation division.
http://consumerist.com/2011/05/sony-apologizes-for-playstation-network-outage-says-10-million-credit-cards-may-be-at-risk.html
It’s okay, tho – they’ve bowed in abject apology:
http://uk.news.yahoo.com/5/20110501/img/pbs-playstation-hack-sony-e-b69e1e549fe3.html
Hey… Guess what! SOE has been taken offline and has suffered data loss as well.
http://www.joystiq.com/2011/05/02/sony-hit-with-second-attack-loses-12-700-credit-card-nu/
Sony and Epsilon ripped after not showing up to Senate hearings on data loss.
http://arstechnica.com/tech-policy/news/2011/05/house-hearing-blasts-sonys-half-hearted-half-baked-hack-response.ars