40476 Düsseldorf, de
+44 (207 ) 183-2832
Cyber-Ark says Irish Gas Board data loss highlights need for digital vaulting of customer records
The fact that the data on the laptop - one of four stolen from the Bord Gais offices and adjacent buildings earlier this month - was not encrypted is a very serious issue says Mark Fulbrook, Cyber-Ark's UK and Ireland Director.
"That's bad enough, but best practices in IT security mean that the sensitive customer data shouldn't have been stored on a laptop in the first place - it should have been digitally vaulted or at the very least encrypted locally and accessible only on a need-to-use basis," he said.
"And that need-to-use basis should only be available across the company's network, using authenticated and logged access procedures," he said.
Whilst there is a case for allowing access to customer records remotely, the information should never include customer payment details, and certainly not their bank account information unless through a secure channel with full authentication, encryption and security measures in place such as digital vaulting, he explained.
"But to store customer bank account data unencrypted on a laptop goes against all known IT security procedures. It's a very serious procedural error," he added.
For more on the Bord Gais laptop customer record fiasco: http://preview.tinyurl.com/lcxzup
For more on Cyber-Ark: http://www.cyber-ark.com
Die Nutzung von hier veröffentlichten Informationen zur Eigeninformation und redaktionellen Weiterverarbeitung ist in der Regel kostenfrei. Bitte klären Sie vor einer Weiterverwendung urheberrechtliche Fragen mit dem angegebenen Herausgeber. Bei Veröffentlichung senden Sie bitte ein Belegexemplar an firstname.lastname@example.org.