Even after suffering from a devastating data breach, National Association of Federal Credit Unions (NAFCU) is dismissing the idea that the data encryption rule should be implemented. Instead, they are saying the credit unions should follow best practices and look into other ways than encryption.
Just to refresh your memory, at the end of 2014, the National Credit Union Administration (NCUA) suffered a data breach when one of their own had lost a thumb drive containing personal credit union member information during a routine audit. That included names, addresses, Social Security numbers and account numbers for around 1,600 members worth around $13 million.
However, those in the security industry know that encryption especially with information rights management is distinctively the reasonable choice to protect your data, as Debbie Matz, the Board Chairman for the NCUA said, “We are contemplating a rule, which would require encryption…” Matz said. “Short of requiring it, we’re really struggling trying to figure out how to prevent data breaches. That’s a very fundamental thing to do, to make sure that if the data is lost or stolen that members’ confidential information is protected.”
Sooner or later as can be seen in New Jersey, New York, and will look to be extended to other states, the NCUA will not have any choice, but to encrypt or apply the best security measures to protect the data itself no matter where it is. Organizational policies, training and regulations of security policies to abide by, just doesn’t cut it as proven in the countless headlines of data breaches.
With the correct data security, and the ability to protect data of others should be the viewed with the utmost importance From insider threats (both malicious or by accident) to external hackers, even if stolen the data must not be that easy to access like in such cases as we have seen in the headlines.
To be able to share your files that contain these kinds of data, the concern that it will get stolen must disappear. How much longer must we worry about these cases? In this case, you don’t have to worry at all due to knowing you can implement Fasoo Enterprise DRM (digital rights management) and be able to set permissions relating to accessing the documents.
Photo Credit: Chris Potter