Author: Jennifer L. Schiff
According to the Identity Theft Resource Center, there were 656 known data breaches that exposed nearly 35.7 million records last year. These breaches occurred at businesses, financial institutions, medical facilities, educational institutions and government agencies.
The main cause of the breaches? According to ITRC, only 2.4 percent of the organizations that experienced a breach had encryption or other strong protection methods in use, and only 8.5 percent of the breached information was password protected.
So why aren't more organizations password protecting and encrypting data? Some are complacent, while others falsely believe their data is already properly protected. Another is that some organizations fear having to spend large sums of money and time on new software or hardware to properly encrypt data.
Yet increasingly the monetary and public relations cost of having and having to report (now required by law in most states) a breach is so high that it behooves organizations to implement rigorous data protection policies and standards. And these policies and standards needn't be complex or expensive.
So while data storage vendors like Sun, EMC, HP and IBM debate encryption key management standards, here are some steps you can take to protect your data now.
Start With a Good Data Protection Policy
Indeed, security expert Adam Levin, chairman and co-founder of Identity Theft 911, argued that a good data protection policy involves just five things: 1. Instituting good security and privacy policies for collecting, using and storing sensitive information. 2. Using strong encryption when storing information on computers and laptops. 3. Limiting who has access to sensitive information. 4. Safely purging old or outdated sensitive information. 5. Having an incident response plan in case a breach occurs.
Read Full Article at Wi-Fi Planet
