Closing Security Gaps: Introducing the Pressure Incentive

A. DeCarlo
A. DeCarlo

Summary Bullets:

  • For all the talk about sophisticated security strategies, too many breaches can be avoided by making sure the basics are under control, starting with adequate data security policies.
  • The recent breaches of Global Payments and LinkedIn’s data cast a harsh light on the lack of care those organizations took to applying appropriate protections such as multi-factor authentication and encryption to safeguard customer data.

One unfortunately consistent truth about data security is how often some of the most egregious data breaches could have been stopped if adequate care was taken to ensure the most fundamental elements of security were in place, starting with the appropriate policies regarding the handling of crucial customer data.  We have seen this recently with attacks such as the theft of hundreds of thousands of patient records from Utah’s Medicaid health system in March (see “Anatomy of a Breach: What We All Can Learn from the Utah Medicaid Records Theft,” May 18, 2012), where a cascading series of clear missteps in policy and execution made the breach relatively easy for hackers. Continue reading “Closing Security Gaps: Introducing the Pressure Incentive”