Subscribe to the InfoTech eNewsletter

infoTECH Feature

December 04, 2012

Plan Ahead to Avoid Costly Data Breaches

There can be many negative results from a data breach. It can lead to paying out a lot of money (such as for fines, audits or investigations); hurt remaining data; or consumers having less trust in your business – further hurting the bottom line.

It’s therefore better to plan ahead – and use precautions such as encryption – when it comes to data security, according to Brian Henchey, a lawyer at Baker Botts, in a recent report from Thawte.

"From a business perspective, encryption theoretically reduces the value to third parties of any data compromised in a breach, thereby mitigating the associated cleanup costs," Henchey said in the document. "From a legal perspective, this reduced value lowers the risk to be allocated and shifts the focus to the encryption techniques to be used."

Not only should businesses use encryption for the cloud, but also guard data over which a business has oversight. Payment card online transactions can be protected by SSL certificates. They authenticate identities.

Also, some SSL certificates provide added security – such as the "green bar" provided by Extended Validation certificates.

Thawte has a SAN/UC SSL certificate suited for secure communications on a Microsoft (News - Alert) Exchange server. It protects information on test environments. In addition, Code Signing Certificates are used to secure code that can be downloaded from the Internet. 

Businesses will also find that customer confidence increases if the business secures a MSIIS server with a Thawte digital certificate.

“Effectively guarding data as it transfers from one machine to another can be critical for avoiding compliance and regulatory fines,” Thawte recommended.

There are other steps that can be taken, too. The PCI Security Standards Council suggests businesses undertake comprehensive risk evaluation to identify and prioritize any vulnerabilities in security. The assessments are largely either quantitative or qualitative. The quantitative assessment provides numerical values (costs) for threats. The qualitative assessment can assess the impact on an asset.

By identifying risks and threats, risk reduction or risk sharing can be put into place. Risk reduction includes employing an SSL certificate. Cyber-insurance is an example of risk sharing.

Thawte has a lot of experience in the field. Since 1995, Thawte has issued over 945,000 SSL and code signing certificates.

Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida.  Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.

Edited by Braden Becker

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers