PCI Breaches and Whom Do We Trust?

Are all clouds equal?

Are all clouds equal?

The UK’s SaaS “expert” Phil Wainewright, @philww, points to another online survey to make the claim that you are less safe, data wise, with a cloud provider, than you are with servers on premises. Not so fast, says Chris Hoff. When I asked Chris to blog on exactly what he meant, he gave the following:

“You don’t need me to do that, just look at TJ Maxx, Hannaford’s, Heartland, Paychoice … the hits keep on coming.”

Over the last dozen or so years, we’ve seen the nightmares ensuing when breaches in credit card systems have crippled businesses and brought on oversight that is far more extensive than we exhibit in the banking industry. “TJX recently estimated that the breach will cost them $118 million” and Forrester estimates costs in the billions trying to sort out the intrusions. I’m not sure how Mr. Wainewright substantiates the costs but we now learn that, ” ‘PayChoice discovered a security breach in its online system on Wednesday, September 23, 2009,’ PayChoice Chief Executive Robert Digby said in an earlier statement. ‘We are handling this incident with the highest level of attention as well as concern for our clients, software customers and the employees they serve’. The company confirmed a report on The Washington Post’s Security Fix blog that the malware downloaded a Trojan horse dubbed “Bredolab,” which tries to put additional malicious files on the system and to disable host-based intrusion prevention sytems, according to Microsoft’s Malware Protection Center.”

We know that the profits in stealing credit cards is big enough to make this a war that won’t end soon. If business is to accept a safer environment with data off site, we will need a transparent intelligent explanation about how these cases unfold and what it does to the average business. Is there insurance against losing it all?

Love to hear from Mr. Wainewright or Mr. Hoff or anyone else on how we back up the trust factor for us small business types who are committed to leaving that work to experts or anyone with an experience either using a cloud environment, or staying with an IT department and all the trimmings. Very soon, Eve Maler will return to discuss her experiences in the realm of the indentity crisis that is curbing our competitive world.


, ,

No comments yet.

Leave a Reply