No Shirt, No Shoes, No ID, No Service
29 Nov 2006A man in Quincy, Massachusetts was refused service at the local IHOP restaurant when he refused to turn over his driver’s license before being seated.
Hilarious.
But there’s a great security point here, too. They wanted to reduce the incidence of “dine-n-dash” events, where people skip out without paying. Holding your driver’s license would surely help, or so they thought. But they didn’t count on the reaction to this violation of privacy or, more importantly, the inconvenience this was to their customers.
Security Rule #1: Security is only as good as the weakest link.
Security Rule #2: You’re weakest link will (almost) always be the users.
Security Rule #3: To users, security = inconvenience.
Observation of End Users in the Wild: Users will fight inconvenience.
Good security is invisible to users, or at least, it isn’t overtly present and doesn’t require them to do anything. That’s why supermarkets and convenience stores place monitors where customers can see that the front doors (and other high-value areas) are being watched. People make the assumption that the camera feeds are also being recorded (which is not always true, but often).
At least this IHOP incident wasn’t condoned by corporate management.
Blockbuster lost this customer because one franchise was anal about getting a “local” phone number every time we went in. Our toll-free VOIP number (which was our phone number) wasn’t good enough for them. Finally I gave them a bogus number, but it was too late. I was already fed up and I’ve been going to Hollywood Video every since.