Putting An End to Data Breaches As We Know Them

The AP reports “WikiLeaks’ release of secret government communications should serve as a warning to the nation’s biggest companies: You’re next.”

According to the Privacy Rights Clearinghouse’s Chronology of Data Breaches, more than 500 million sensitive records have been breached in the past five years. The Chronology of Data breaches lists specific examples of incidents in which personal data is compromised, lost, or stolen: “employees losing laptop computers, hackers downloading credit card numbers and sensitive personal data accidentally exposed online.”

WikiLeaks has been quite the news topic and for good reason. Data breaches cost in many ways. One cost is of course in the form or dollars. But when it is military secrets breached, that can cost lives.

It shouldn’t be this way.

The talk show pundits buzz that with the release of thousands of additional secret government documents, it leads to the conclusion that there is no way to protect sensitive data. If the government can’t even prevent a Private in the Army from stealing confidential data, what hope is there?

Nearly all WikiLeaks articles conclude that you have to tradeoff security with productivity, implying that content becomes unusable with higher levels of security in place. In this Associated Press article ‘Companies beware: The next big leak could be yours’, Jordan Robinson of the Associated Press, states:

“But the more companies control information, the more difficult it is for employees to access documents they are authorized to view. That lowers productivity and increases costs in the form of the additional help from technicians.”

This is true for traditional content security measures but ignores significant advances made by security company Zafesoft, whose solution does not require a change in user behavior or complex technical support to maintain. Companies that do a little research will find there is a way to protect their valuable information without compromising productivity and at a reasonable cost.

Robert Siciliano is a Personal Security and Identity Theft Expert. See him discussing another databreach on Good Morning America. (Disclosures)

Data Security Predictions For 2010

Robert Siciliano Identity Theft Expert

Forrester Research, Inc. in Cambridge, MA is an independent research company that provides pragmatic and forward-thinking advice to global leaders in business and technology.

They released their 2010 data security predictions. Heading into 2010, they are predicting five new data security trends:

1) Enterprises will keep their data security budgets relatively flat;

2) Market penetration for data loss prevention (DLP) tools will increase even as prices fall by half;

3) Cloud data security concerns will begin to dissipate;

4) Full disk encryption will continue its steady march into the enterprise, spurred on by breach disclosure laws; and

5) Enterprises will give enterprise rights management (ERM) software a second look as an enforcement option coupled with DLP.

Information Rights Management (IRM) is a term that applies to a technology which protects sensitive information from unauthorized access. It is sometimes referred to as E-DRM, Enterprise Digital Rights Management. Sensitive data and information such as Patient records, personal tax or financial information in .PDF, XLS, .DOC, .TXT etc., needs security.

Zafesoft is a content IRM company that actively secures, controls, and tracks content wherever it is utilized; this is the next generation of content security. IRM information is secure, viewable, edit-able and transferable.

Authorized IRM content users can copy, paste, edit, save etc. The security travels with the content or portions of it with tracking anywhere in the world. Unauthorized users are never able to view, edit or copy/paste.

Forrester hit the nail on the head with rights management. When rights management is accessed by a hacker, the data is useless to the thief who hacks from the outside or gains unauthorized access from the inside.

It would be smart business for healthcare, legal, and any organization to incorporate DLP in the form of IRM now, before a breach occurs and data is lost.

Protect your identity. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing identity theft on Fox News