Join the Community

22,053

Expert opinions

43,987

Total members

381

New members (last 30 days)

184

New opinions (last 30 days)

28,690

Total comments

Join Sign in

Putting An End to Data Breaches As We Know Them

22 January 2011 1 comment

Robert Siciliano

Security Analyst

Safr.me

The AP reports “WikiLeaks’ release of secret government communications should serve as a warning to the nation’s biggest companies: You’re next.”

According to the Privacy Rights Clearinghouse’s Chronology of Data Breaches, more than 500 million sensitive records have been breached in the past five years. The Chronology of Data breaches lists specific examples of incidents in which personal data is compromised, lost, or stolen: “employees losing laptop computers, hackers downloading credit card numbers and sensitive personal data accidentally exposed online.”

WikiLeaks has been quite the news topic and for good reason. Data breaches cost in many ways. One cost is of course in the form or dollars. But when it is military secrets breached, that can cost lives.

It shouldn’t be this way.

The talk show pundits buzz that with the release of thousands of additional secret government documents, it leads to the conclusion that there is no way to protect sensitive data. If the government can’t even prevent a Private in the Army from stealing confidential data, what hope is there?

Nearly all WikiLeaks articles conclude that you have to tradeoff security with productivity, implying that content becomes unusable with higher levels of security in place. In this Associated Press article ‘Companies beware: The next big leak could be yours’, Jordan Robinson of the Associated Press, states:

“But the more companies control information, the more difficult it is for employees to access documents they are authorized to view. That lowers productivity and increases costs in the form of the additional help from technicians.”

This is true for traditional content security measures but ignores significant advances made by security company Zafesoft, whose solution does not require a change in user behavior or complex technical support to maintain. Companies that do a little research will find there is a way to protect their valuable information without compromising productivity and at a reasonable cost.

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

3302

Report

Channels

/security /regulation & compliance

Comments: (1)

Kiri Self CEO at TRG Post Trade Services

24 January 2011

Hi Robert, many interesting comments there, I particularly agree with you that companies really do need to do just a little research into this area to find the good solutions that are out there - I have been particularly impressed with Snapbox from Snapguard ( www.snapguard.co.uk/snapbox.html) - it will assist in monitoring who accesses your most vital electronic secrets. Too often one finds that once a breach has occurred, many firms are unable to identify how the information left the company.

Report

Robert Siciliano

Security Analyst

Safr.me

Member since

04 Feb 2009

Location

Boston

More expert opinions

Vishnu Prasad R Lead Enterprise Architect at Tata Consultancy Services