The indictment of 11 hackers in the US overnight with stealing 40 million credit and debit card numbers highlights the need for retailers to take steps to protect customer private data.
According to data security expert Bob Adhar, CEO of Randtronics, an encryption solutions company, there are steps that should be taken to protect consumers. “Safeguarding against a security breach is always better than trying to solve the problems afterwards.”
The credit card companies have created standards that retailers must adhere to if they store customer credit card information. The credit card data standard, Payment Card Industry Data Security Standard v1.1 (PCI DSS v1.1), was developed by the major card issuers including Visa, MasterCard, American Express and Discover. Under Requirement 3 of the 12 Requirements, companies must protect stored data.
A sophisticated encryption-based solution implemented professionally renders customer data unreadable to unauthorised parties.
“It’s harder to decipher encryption than it is to hack a file,” said Adhar.
“Data breaches are fast becoming one of the biggest commercial, legal and reputational risks for organisations.”
Governments, regulators and standards organisations are increasingly mandating that organisations report breaches, so victims whose data is leaked can take appropriate action, and to force higher standards of data protection.
“Data privacy is currently an important item on the federal government’s agenda and we are hopeful that they will consider mandatory reporting an important tool to ensure organisations take the security of consumers’ private data seriously,” said Adhar.