Voltage Security has issued the following comments in light of the recent report from California State Attorney General Kamala D. Harris detailing 131 data breaches reported to her office in 2012, showing that 2.5 million Californians had personal information put at risk through an electronic data breach.
According to Dave Anderson, senior director at data-centric security and encryption experts Voltage Security:
“The recent breaches that affected 2.5 million Californians continue to demonstrate that current, traditional security technologies are ineffective, and businesses and governments agencies have to do more to protect sensitive customer information. These traditional technologies, including access and authorization, AV, and endpoint protection technologies are not enough to protect information across its entire life-cycle, from the moment it’s created to the moment is consumed and deleted. These current technologies are not providing the necessary means to actually protect data as the data moves throughout and across an organization, a situation further exacerbated as companies continue to leverage cloud-based services and mobility, which simply increase the ability to move and access data as never seen before. The only way that companies and government agencies can ensure that any sensitive data is comprehensively protected is through a data-centric security program, which protects the actual data levels rather than these traditional security technologies which focus on protecting the ‘container’ or silo in which the data sits.
“In the report, Attorney General Harris in fact recommends that companies should be using data encryption as a means to protect consumer information. Encryption should be used as a key mechanism within a data-centric program, but encryption needs to be supplied at the data level itself, not only on the database, or disk level, which are again simply container solutions. Public and private sector organizations are leveraging cloud-based services, mobility, as big data initiatives to manage, move and analyze sensitive customer and corporate data like never before. Protecting the data itself through a data-centric strategy is the only way that these organizations can leverage these market dynamics and initiatives in a secure and protected way. The ongoing use of only traditional security technologies will simply lead to more data breaches, especially as these market dynamics continue to be adopted. A data-centric strategy, including encryption, tokenization, and even data masking, is the best way for any organization to securely leverage the value of these dynamics for their business.”
For more on Voltage Security: http://www.voltage.com
For more on the State of CA data breach: http://bit.ly/11nifmI