It’s not as hard as you might think

I was reading an article from ITWorld this week that touched on the recent data breach at the South Carolina Department of Revenue. While I find this type of thing fascinating, I also find it scary when someone says something like this:

“The industry standard is that most SSNs are not encrypted… A lot of banks don’t encrypt, a lot of those agencies that you think might encrypt Social Security Numbers actually don’t, because it is very complicated. It is cumbersome and there’s a lot of numbers involved with it.” – South Carolina Governor Nikki Haley

Statements like this are akin to my kids saying they don’t want to do something because it’s hard.  Far be it for me to pass judgment on the State and its security practices, they are what they are, I’m talking more about the concept that encryption is hard, complicated, cumbersome and other such nonsense. It’s not.

[Dear South Carolina Department of Revenue, we have a neat little product that might be able to help you with the difficulty you’re experiencing in encrypting your constituent data and will send a representative ASAP to walk you through the value of our data protection offerings.]

But getting back to the complexity of encrypting and securing data, it really isn’t that hard. With the onset of technologies like AES-NI, SEDs and the general improvements in OS performance and processor speeds encryption is nowhere near as ‘cumbersome’ as it was 5 years ago. And yes, there are a lot of ‘numbers involved with it,’ mostly to do with encryption strings, keys, key files and other millisecond transactions that encryption solutions do to secure data – all of which are completely transparent to the user.

Now, one thing that really stands out in all of this is that the State is stepping up and offering free credit monitoring to those affected for one year. In looking up the costs associated with credit monitoring (Equifax, Identity Guard) it ranges from $9 a month to $20 a month. Let’s assume that the State received a deal and are only being charged $5 a month per user. If every one of those 3.6 million affected people sign up for the service, that will cost the state $216,000,000. That’s nearly a quarter billion dollars.

As it stands, only approximately 287,000 people have signed up for the service to date. That may cost the state a paltry $17,220,000 but likely a lot more as more people realize they’re affected.

Now think of this from a business perspective – If you lost that many customer records… and had to make the same offer to offer peace of mind to those customers to ensure you KEEP them, could your business afford, at minimum, a $20 million hit?

A data encryption solution like SecureDoc would cost exponentially less to implement. Guaranteed.

Previous Post
Windows 8 is here! Now what?
Next Post
The importance of partners

Related Posts

2014 the year of Cyberwar

This year has been a scary year when it comes to cyber-attacks. Almost 9 billion records were compromised so far, and I would not be surprised if there were more. When it comes to these data breaches it is not…

Strength in Sharing at the FS-ISAC Summit

WinMagic was a sponsor at the annual Financial Services Information Sharing and Analysis Center Summit at the Marriott Sawgrass in Ponte Vedra, Florida last week. This popular three day event introduced engaging, thought-leadership presentations and networking opportunities with representatives from…

The PC is dead, long live the PC

There’s nothing like being melodramatic at the beginning of the week. Today Gartner Inc. released the latest worldwide PC shipment numbers and it looks like things are declining. Gartner is attributing much of this decline to a shift to Tablet…
Read more

Visionary! – Gartner Magic Quadrant

Being a software company focused on Mobile Data Protection (MDP) means we’re constantly trying to evolve our products and services. And according to Gartner Inc. that’s paying off as once again we were recognized as a Visionary in their annual…
Read more

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.