Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Data security policy could have prevented RBS loss

Credant Technologies : 27 August, 2008  (Technical Article)
Having an effective customer records security policy is an important factor in preventing the kind of loss recently revealed after computer sold on eBay was found to contain customer banking details.
Credant Technologies says the widely publicised sale of a computer on eBay - apparently containing the details of a million RBS Group bank customers - could have been avoided if the bank and its contractors had adopted an effective customer data security and encryption strategy.

'If the bank and its contractors had a solid data encryption strategy in place, with private data such as that found on the eBay computer being encrypted - and only decrypted when needed, and on-the-fly -then, even if the computer slipped through the net because of the thoughtless actions of one or more individuals, then the data would clearly be inaccessible,' said Michael Callahan, Credant's senior vice president and chief marketing officer.

'This would have avoided the need to apologise for leaking data that included bank account numbers, phone numbers, mothers' maiden names and even signatures of customers, so representing a gross security breach at the bank,' he added.

According to Callahan, whilst the bank will undoubtedly apologise and quite possibly end up being fined for the gross security breach, the issue highlights the security dangers of allowing unencrypted data to be used by third-party companies.

'Dealing with third-party firms is a routine business transaction, but you cannot always rely on a third party to have as stringent security systems in place as your own,' he said.

'This is why we always recommend the use of encryption technology for private data such as this, only decrypting the data on-the-fly and as, and when, required,' he said.

'The process is simple, as well as highly cost-effective and would have prevented this situation from happening, no matter how poor the security procedures of the third party companies that are involved,' he added.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo