What you should know about Security Breach Compliance to protect your business.
January 27, 2014 14:51
Security breaches are expensive and harmful to an entity's reputation. It is believed that the 2011 breach of Sony's PlayStation Network, when personal information of 77 million users was compromised, cost Sony $171 million and harmed its reputation substantially. Target's costs could conceivably be more than this amount even though only 40 million people were impacted.

Security breaches also affect small to midsize entities. In 2011, hackers obtained customer credit card information (which was not encrypted) from the Briar Group, which owns and operates about 10 restaurants in Massachusetts. Because of its failure to encrypt the information, the Briar Group paid a $110,000 penalty and agreed to implement certain procedures to safeguard personal information. Incidentally, the Briar Group was hacked again last October. Whether it is found to be responsible in any way remains to be seen.

So, what should businesses know to protect themselves to the extent possible? First, you should know the security breach laws that apply. Second, you should fully understand the environment where you maintain your customers' data and which of your service providers have access to this environment. Third, you should work with your legal and IT teams to implement policies and procedures to protect you as well as possible. In addition, you should protect yourself in contracts with third-party service providers. Damage control in case of a security breach should start today, not when there is a breach; by then it is too late.

Hiro Sugano