65% of companies expose personally identifiable information
Posted on 21 August 2012.
More than 65 percent of businesses don’t protect their customers’ private data from unauthorized employees and consultants, according to a survey of hundreds of IT managers and developers at large organizations conducted by GreenSQL.


With today’s increasingly public use of private information, protecting data resources from security breaches is absolutely crucial. Multiple regulations from organizations like the Payment Card Industry (PCI) mandate that companies in possession of personally identifiable information (PII) protect it from unauthorized access and use.

GreenSQL recently polled IT professionals about the measures they take to prevent developers, QA, DBAs, consultants, outsourced employees, suppliers and application users from having access to sensitive data. The results were surprising:
  • 65% take no preventative measures
  • 23% use masking techniques only in non-production environments, such as dummy data and scrambling. However, these solutions are expensive, complex and require custom development; moreover, these solutions are not transferrable to other projects.
  • 12% deploy dynamic data masking solutions on their production environments.
“Most companies would say protecting customer data is critical to maintaining their business and reputation,” said GreenSQL CEO, Amir Sadeh. “However, something is wrong when we discover that many IT departments are making no masking efforts whatsoever, and others are taking tepid approaches.”

GreenSQL's Dynamic data masking (DDM) solution applies rules to enforce access, making sure those who need to access certain parts of the sensitive data have it and those who shouldn’t see anything, won’t. It ensures that the data never leaves the database in its original form, preventing information theft. DDM allows real-time masking of sensitive data with no impact on the stored data itself and requires no change in the application’s code.

“Databases are high-quality targets for those engaged in industrial espionage. Many organizations are still vulnerable, which is especially troubling after so many recent attacks. We hope this survey will help companies sit up and take notice of the gaps in their systems and close them." concludes Sadeh.





Spotlight

The evolution of backup and disaster recovery

Posted on 25 July 2014.  |  Amanda Strassle, IT Senior Director of Data Center Service Delivery at Seagate Technology, talks about enterprise backup issues, illustrates how the cloud shaping an IT department's approach to backup and disaster recovery, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Jul 28th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //