“The takeaway for me is that this saga highlights the critical need to obfuscate, or de-identify, the sensitive information in your organization, wherever it is stored and however it is used across your company.”
— Dave Anderson, Voltage Security
Cupertino, CA, July 9, 2013 — Commenting on the Internal Revenue Service’s accidental exposure of thousands of Social Security numbers on the Internet – which were spotted by a California-based archivist – Voltage Security said this highlights the need for encryption and tokenization of any sensitive data to protect any organization against the negative impact of data exposure.
The problem with modern IT systems, said Dave Anderson, a senior director with the data-centric security specialist, is that data can be replicated, shared and moved across multiple systems, quite literally, at the touch of a button. This requires data to be protected across its entire lifecycle, not only when it is stored away.
And with cross-platform systems and topologies making it difficult to know whether an IT resource is local, remote or cloud/outsourced, controlling data held in the clear has become an almost impossible task.
“This breach further highlights the issues around effective data security, and re-iterates the need to implement robust encryption, tokenization and data masking controls on the data itself in order to provide comprehensive protection. This is the only way to protect sensitive information as it moves throughout an extended enterprise,” he said.
“The takeaway for me, however, is that this saga highlights the need to obfuscate, or de-identify, the sensitive information in your organization, wherever it is stored and however it is used and moved. The problem with multi-dimensional data – especially spreadsheet or SQL database files – is that it is very difficult to understand which elements contain private data. For this reason, encryption and tokenisation of all data becomes a driving imperative,” he added.
For more on Voltage Security: http://www.voltage.com
For more on the latest IRS data fiasco: http://bit.ly/1bksxGd