Never Lose Trust: Protect Customer Data - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Information Management

Never Lose Trust: Protect Customer Data

The information age has its dark side: data theft and privacy breaches. The proactive approach to safeguarding customer information starts with encryption for mobile devices. Next, consider the extra security measures implemented at Sharp Healthcare and Zions' Bank.

Few things damage customer trust more than a breach of confidential information. Consider that in a survey of consumers, the Ponemon Institute found that 60 percent terminated or considered terminating business with companies that notified them that they had mishandled their private information. Data breaches also have a real impact on the bottom line: $182 for each lost customer record in direct costs, lost productivity, and lost customer opportunity, according to Ponemon.

Historically, businesses' approach to managing data security risks has been more reactive than proactive. "Most organizations have been plugging holes," says Rich Mogull, a research vice president at Gartner Research. But as the risks have escalated, attitudes and approaches have started to change. "Particularly with the new disclosure laws, there is real money involved," says Mounil Patel, vice president and research director at AberdeenGroup. "People are losing their jobs, and when CIOs are worried about losing their jobs, they are more proactive."

A proactive approach to data breach and customer privacy protection starts with encryption of mobile devices, but organizations are also turning to automated monitoring, data discovery and beefed-up authentication technologies to add an extra layer of security. Read on to learn what Sharp Healthcare and Zions' Bank are doing to put company executives and, more importantly, customers at ease.

The Problem of Portability

More than 90 percent of all breaches result from the loss of electronic information (versus about 9 percent for information in paper form), and the single biggest vulnerability is the loss of laptops and portable devices including removable hard drives and thumb drives (see "Breach Source," at left). A security policy that includes rules on storing data on mobile media as well as physical, device-level security mechanisms is important. However, when device loss does occur, PGP (pretty good privacy) public key encryption remains the strongest defense against data loss. Equally important, it gives a company an exemption against disclosure laws.

"Just encrypt the freaking laptops!" says Mogull. "If you have sensitive data, it's a no-brainer."

The use of encryption is increasing (see "Use of Encryption by Data Type," at right). However, encryption is still complex, expensive to deploy and difficult to manage. Rather than practicing full-disk encryption, some organizations are adopting newer approaches in which a rights-management layer is added to the encryption process. As sensitive information is created or as it is accessed from core systems, it is automatically tagged as such, and only then is it encrypted and tracked.

"Where traditional approaches to encryption don't work well is where people have legitimate access to the data," says Patel of Aberdeen. "If users have to hit a button every time they create a spreadsheet, they will get irritated. We are still early in the adoption curve [of automated encryption] because it requires thinking to put together policies, but the trend [in usage] is definitely upward."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
News
How GIS Data Can Help Fix Vaccine Distribution
Jessica Davis, Senior Editor, Enterprise Apps,  2/17/2021
Commentary
Graph-Based AI Enters the Enterprise Mainstream
James Kobielus, Tech Analyst, Consultant and Author,  2/16/2021
Slideshows
11 Ways DevOps Is Evolving
Lisa Morgan, Freelance Writer,  2/18/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Slideshows
Flash Poll