|
eBay million records computer avoidable with data security policy
|
27/08/2008
|
| |
The widely reported sale of a server on eBay containing details of one million RBS customers, could have been avoided with an effective customer data security and encryption strategy.
So says Michael Callahan, senior vice president and chief marketing officer at Credant Technologies, the military grade encryption specialist.
“If the bank and its contractors had a solid data encryption strategy in place, with private data, such as that found on the eBay computer, being encrypted and only decrypted when needed, even if the computer slipped through the net … the data would be inaccessible,” he says.
“This would have avoided the need to apologise for leaking data that included bank account numbers, phone numbers, mothers’ maiden names and even signatures of customers, so representing a gross security breach at the bank,” he adds.
Callahan believes the event highlights the security dangers particularly of allowing unencrypted data to be used by third-party companies. “Dealing with third-party firms is a routine business transaction, but you cannot always rely on a third party to have as stringent security systems in place as your own,” he warns.
“This is why we always recommend the use of encryption technology for private data, only decrypting the data on-the-fly and as, and when, required. The process is simple, as well as highly cost-effective and would have prevented this situation from happening, no matter how poor the security procedures of the third party involved.”
|
| |
Author
Brian Tinham
|
| |
| Email this article |
| |
|
|
|
|