What is the RSA Hack teaching us about data security?
As Steve Duplessie of ESG says, “If RSA can get hacked, you sure can.”
Reading up on this, there really is nothing new. To Steve’s point, what is it going to take for us to wake up and realize it’s not a matter of if we’ll get hacked, it’s a matter of when. Today, we are so focused on what to do when we get hacked to mitigate the consequences. There’s US Government regulation for communicating when a breach occurs, but nothing that mandates data protection. In fact, only two states (Nevada & Massachusetts) have laws on the books that mandate the encryption of data. I’m not saying we need government regulation to get us to do something, but what really is it going to take?
In a ZD Net Between the Lines blog written by John Hazard, “Data breach costs rise with criminal attacks”. According to the blog, the Ponemon Institute released their 2010 data breach cost estimates, and according to the Symantec sponsored study, a data breach costs a company on average $7.2 Million, or $214 per compromised record. I recently put together a presentation on the market for self encrypting drives for Seagate, and my 2009 numbers showed $6.75 Million and $204 per compromised record. It’s only going up, and will continue to go up, if we don’t start think about encrypting nearly every single piece of data we generate, especially data at rest.
Check out 5 reasons to implement self-encrypting server drives. It’s an old story, but everyday, it rears its ugly head.
To use a bank analogy, it seems we spend a lot of time and attention securing the front door. Shouldn’t we be securing the vault even more? What’s it gonna take?
Security Resources:
Storage Effect Blogs on Security
Inside IT Storage Blogs on Security
Seagate.com/security
Seagate Secure Enterprise drives
Image by: http://www.efytimes.com
Hi Mark
Couldn’t agree more with you on a multi-layer approach to security – It’s not good enough to think about merely keeping the bad guys out, we have to assume they will make it in and therefore we have to ensure that information is protected in the datacentre as well as on devices such as notebooks and increasingly tablets and smartphones.
Have a look at some of what we’ve published on this at http://freeformcomment.blogspot.com/2011/03/rsa-hack-demonstrates-need-for.html or on our website.
[…] not just a hard drive, it’s a treasure map Data breaches – what’s it gonna take? Storage [Infographic]: 2000-2010 The all seeing cloud – your eyes in the sky Seagate Momentus XT […]
[…] to Enable Secure Cloud Computing Data breaches – what’s it gonna take? Seagate aims to protect more businesses and consumers from data breaches 5 reasons to implement […]