The Deadly Data Breach
We know it well, the Deadly Data Breach! So many people have felt the effects of a data breach, and so many companies are scrambling to protect the personal information they have on file. I am sure data breaches are on the minds of every IT professional that has kept up with the most recent breaches. No one goes unscathed by The Deadly Breach: P.F. Changs, Goodwill, Home Depot, and numerous schools.
Home Depot’s recent data breach reaches all the way back to April first of this year. According to Steven Weisman’s blog article, “Important Home Depot Update,” Weisman reports that “along with the credit card numbers and debit card numbers, the hackers also are selling the state and zip code for the particular cards. This enables the hackers to defeat some fraud detection programs that pick up charges made from areas far from the home of the card holder.” This just covers up and prolongs agencies from discovering a security breach sooner. The Deadly Data Breaches just keep getting more deadly!
The Cost of The Deadly Data Breach
The cost of the deadly data breach doesn’t stop at the yearly budget meeting. There are many different costs when a breach strikes: the cost of private information, the cost of an organization’s reputation, and the actual monetary cost. Target’s data breach cost them $148 million dollars so far, and having more stores than Target, Home Depot will most likely exceed that number. At this moment in time, I do not envy the IT Professional and truly feel for them; thankfully, there are some great resources for IT Professionals. For example, Liisa Thomas’s book, Thomas on Data Breach: A Practical Guide to Handling Data Breach Notifications Worldwide, is a great resource for the IT Professional contending with The Deadly Data Breach.
What Can Anyone Do?
There are many things that both the IT Professionals and the end users may do to proactively protect themselves from having their identity stolen. In reference to the Home Depot breach, Weisman gives practical tips on protecting yourself from identity theft. Weisman’s blog Scamicide is a great resource on daily technical news and practical tips to protect against hacktivists.
- Password Best Practices: These are a great place for the IT Professional to start in their fight against the Deadly Data Breach. Password Best Practices are common sense protocols for passwords and a great place to start creating a healthy password environment for your organization. PennState has a great article on Password Best Practices that I found very helpful.
- Speak Up: For the end user, there is a great website that was featured in the NYTimes that has a list of applications supporting two-factor authentication. The end user is also able to send a request to their favorite website/application requesting that they support two-factor.
- Identity Management Solutions: For the IT Professional, an affordable, usable two-factor solution is definitely the ideal. There are many solutions out there that provide Identity Management and two-factor. I found this list of current two-factor providers very helpful.
We are in an age where logins are a part of life and the gateway to private and confidential data. As the tsunami of data breaches continues to destroy and damage the cyber world, it is time to look towards stronger authentication to reduce the impact on organizations worldwide.