Finally, someone writes a report that we all knew for a long time.
Simple solution for organization to reduce risk.
- Don't store more than you need (ignored as it impedes data mining and Analytics)
- Have a data destruction policy (ignored for the same reason)
- Encrypt Data.
- Let the consumer have the right to request his information be purged.
This article also brings back a question " Why should SSN be a secret", it is an identification number and as far I know , it should not be used for any verification
DISCLAIMER:
"I am not GOD so, I admit that I could be wrong anywhere between 0 - 100%"
According to the article:-
NSS Labs charted the ten largest data breaches worldwide that occurred over the past decade, including the breach of Adobe customer information and Target payment card data announced in the last quarter of 2013. The firm noted that half of the breaches happened last year, alone.
“This data demonstrates that many records overlap between the breaches (with a total of 512 million records lost for the United States alone) and that the PII of a considerable share of the population of the United States (319 million) was exposed,” the report said.
The links below has more information:
No comments:
Post a Comment