Blog

Mandating Encryption for Organizations
Data security

Mandating Encryption for Organizations

Connecticut is taking the next step in guaranteeing that customer data is secure. Therefore, if companies want to do business in this state, they will have to make sure that all personal data that is stored and transmitted is encrypted. In addition this soon to be law would require business to enable stronger password protections and control how much personal identifying information can be downloaded at one time, to help mitigate damage in the event any data is stolen.

For Connecticut residents, nearly one-third of them, were affected by the Anthem breach. It is no wonder that states like Connecticut, Maryland and New Jersey have made headlines pushing for all organizations to encrypt any sensitive data they have that pertains especially to customers. Connecticut Senate Majority Leader Bob Duff, D-Norwalk explains that, “In the long run, I think that companies will find it cheaper to implement these protocols than to have to clean up the mess of a data breach.”

The Debate of Encrypting to Prevent Data Breaches
Data breach Data security

The Debate of Encrypting to Prevent Data Breaches

All the data breaches in the news these days have caused many to think about encrypting their data to prevent the losses a breach will bring.  With one of the biggest private health care providers in the US falling victim to a massive data breach, we can learn from its experience.

Even though credit card information wasn’t exposed, other sensitive data was, including names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data.

So the question here is why no encryption?  According to SC Magazine, the institution felt it had other security strategies.  Unfortunately this is not the only incident of a data breach in the healthcare industry.  From stolen laptops containing sensitive patient information to back doors planted in systems, information detailing abnormalities in usage behavior should be enough for IT administrators to notice and act upon.