White Papers for Federal Financial Institutions Examination Council (FFIEC)

15 Minutes to Complete Data Protection

CipherOptics

It’s 10 o’clock. Do you know where your data is? If you think about it for a moment, you’ll realize that it could be anywhere in the world and you have no idea if it’s protected or vulnerable. Your personal information is somewhere at your bank, sent over the Internet when you buy a book or CD online and stored at your health insurance company, not to mention state, local and federal government agencies. Whether it’s the potential of embarrassment or financial ruination, shouldn’t your personal information remain private? A slew of government regulations imply that it should be. And yet, the security breaches keep coming. ChoicePoint, a name made famous by a huge breach in early 2005, has become a rallying point for organizations to re-examine their approach to data security.

A simple Google search reveals there is an illicit market for personal information. With sensitive information like Social Security numbers, bank account and credit card numbers and corporate intellectual property widely available, it’s time for organizations to get serious about protecting it.

Your customers trust their most important information to you. Protecting networks with firewalls, intrusion detection and ID management are essential first steps, but protecting the data itself is the ultimate goal. After all, most network data is dynamic and can be moving at any given time. How do you approach securing that dynamic data? According to best practices espoused by top security experts, encrypting the data in motion over the network is key. Once encrypted, the data remains protected, even if an unauthorized person is able to access it. Customer records and other sensitive information would be useless to them and your business would be protected. As organizations integrate encryption into their best practices for protecting data and complying with regulations, they often encounter highly complex, time-intensive and expensive solutions. While these solutions do protect the data, most often they also degrade network and application performance. Perhaps it’s time to take a better approach to encryption as a means of data protection.

View the White Paper

Share or bookmarklet this web page at: