Connecticut is taking the next step in guaranteeing that customer data is secure. Therefore, if companies want to do business in this state, they will have to make sure that all personal data that is stored and transmitted is encrypted. In addition this soon to be law would require business to enable stronger password protections and control how much personal identifying information can be downloaded at one time, to help mitigate damage in the event any data is stolen.
For Connecticut residents, nearly one-third of them, were affected by the Anthem breach. It is no wonder that states like Connecticut, Maryland and New Jersey have made headlines pushing for all organizations to encrypt any sensitive data they have that pertains especially to customers. Connecticut Senate Majority Leader Bob Duff, D-Norwalk explains that, “In the long run, I think that companies will find it cheaper to implement these protocols than to have to clean up the mess of a data breach.”
How should we feel about these new laws? Well for one thing as a customer, we are glad that steps are being taken to protect our data. As an organization, not only does this help them build confidence in the customers, but also among other things is protecting an organization own sensitive data as well.
With the lack of encryption, there is no way that companies can protect their data against the hackers even if it is stolen from their organization. To trust security policies, programs, training, strategies, etc. is useless against insider threats.
However, there is a solution and all organizations who have not known about it before sure have heard about it now. Fasoo Enterprise DRM (Digital Rights Management) to protect organizations and also build confidence for customers about having their data secured. If data is DRM protected then, this is one less concern organizations now in Connecticut, Maryland, New Jersey, Massachusetts, and more states have to have.
Photo Credit: Dug Song