Data breaches seem to occur on a daily basis, as major companies scramble to tighten their defenses and react to an increasingly sophisticated threat. Often, it's too little, too late – hackers successfully infiltrate a company's records and leave before the organization has a chance to react. The problem here is in that last term – react. Every company should take preemptive measures to make sure its own data and its clients' information is safe and sound. If anything, the large corporations should be the examples of secure data, not the victims of constant attacks.
Last year, Target and Living Social had a combined 91 million accounts compromised, leaving countless bank cards, social security numbers and passwords unprotected and available, according to the New York Times. Despite those massive breaches, this year has shaped up to be even worse – through the first ten months of 2014, data breaches have risen 30 percent over 2013. California attorney general Kamala Harris blamed a lack of preparation.
"We are increasingly adopting technology that is putting our data in systems that are ripe for penetration," Harris told the New York Times. "We have not sufficiently inoculated ourselves. The bad guys have figured out where the vulnerabilities are and learned there is much to be profited and gained from exploiting them."
According to Bloomberg, office supply giant Staples is investigating a data breach of its own. At least three stores in the Northeast U.S. may have succumbed to an attack involving theft of credit card information.
The proper response to a data threat
According to The Wall Street Journal, companies' stance toward data breaches should be multifaceted and dictated by an individual with the training, expertise and skill set to implement the protocol. Someone with executive authority like the Chief Financial Officer would be an ideal candidate for the job.
This individual should be capable of diagnosing the company's flaws; coordinating the necessary staff and resources to cover these holes; communicating with customers, employees, law enforcement and the SEC; and setting up an adequate insurance policy should a breach occur.
For most large organizations that find themselves facing down the barrel of a data breach, they should look no further than data centers for a lesson in security.
Biometrics provide high-end data security
The data centers that practice front door to server cabinet access control are the best place for companies to store valuable data. That's because biometric technology requires something more foolproof than password, ID cards or keys: physical identification. These measures analyze fingerprints and other unique characteristics in order to provide security clearance. As a result, the password cannot be guessed nor the key stolen. Only the individuals with the proper fingerprint pattern will have access.
Of course, this measure is useless if the thief is an insider, as is sometimes the case. Even high-ranking officials can become tempted by the promise of illicit gains. But there is a solution for this as well. Dual access control requires two separate fingerprints in order to gain clearance. So even if an individual defects, he or she would still require an accomplice of equal stature. This technology is the best data security measure available today.
Large companies can take a lesson from data centers and install biometric security measures in their buildings, or choose to house their clients' data in centers outfitted with the cutting-edge technology. By controlling the door-to-door security and restricting access to hard drives, companies could significantly reduce the risk of a breach.
To learn how RSA achieved regulatory compliance with Digitus Biometrics, download our whitepaper here.