Target, AT&T, and P.F. Chang’s are just a few of the many major data breaches that have happened recently, and who knows where the next data breach will come from. What is the government doing about this or what should the government being doing about this?
Recently a consumer group, National Consumers League (NCL), has kicked-off an initiative called the DataInsecurity Project, to press the US Congress and the federal government to set up reforms and speed up the notification to customers regarding data breaches. According to the NCL, there were 64 data breaches that leaked the personal information of more than 550 million people. This steep rise in data breaches can be seen as the main purpose for this project.
Some of these reforms are pushing to require businesses to protect customers’ personal data through specific data security requirements. In addition to this, there is also a push for requiring retailers and banks to implement the highest level of security available to defend consumer payment data.
Aside from being notified more quickly as a consumer, the biggest question is what is the best security out there to protect personal information from being leaked?
A lot of companies and organization have been making great efforts to secure consumers’ personal information that they store. Some of these include monitoring only or security training and policies to name a few. The focus needs to be on securing the data wherever it goes. One of the most comprehensive security solutions out there to mitigate against such data breaches, including insider threats, is DRM or Digital Rights Management.
This not only provides continuous encryption for the data no matter where it is, but also provides dynamic permission control so that if for any reason someone needs to change the permission for an authorized user, they can do it. This is especially important for situations where former employees still have access to files containing the consumers’ personal information. In addition, not just monitoring but intelligent monitoring helps provide the information necessary on how the files were used. It can assist auditors who require this information to determine chain of custody and when certain actions were taken.
So when the reforms and laws go into effect, if these organizations or companies have not already added DRM, they may face legal action in addition to angry consumers. DRM will ensure the highest level of security as well as meet the necessary security requirements to protect consumers’ personal data.