Why Mask Data?
Once masked, de-identified or obfuscated, exposed or stolen data is worthless.
Masking data protects Personally Identifiable Information (PII) or other private company data, making it safe to share or to use in application development, testing, training or CRM applications.
Data breaches have increased in severity and frequency, but many organizations do not have the tools, the personnel or the funding to prevent and contain them quickly, efficiently and cost-effectively despite government regulations that require the protection of sensitive data. Live customer data from production environments should never be used for non-production purposes.
To learn more about the various kinds of software security solutions please read, Defining Security Software Solutions.
Masked, De-Identified or Obfuscated Data Produces Data That Are:
- Compliant.
- Customizable.
- Realistic-looking.
- Manageable.
- Ready-to-use for testing, training, application development and more.
How Do Data Breaches Happen?
- Employee or contractor negligence — inappropriate access, lost storage device and/or data leaked in digital transit.
- Situational — business mergers and acquisitions, mainframe-to-distributed data migrations (or those to a cloud), and more.
- System errors or malfunctions.
- Malicious insider theft or external attacks.
Data Breach Costs
Financial, Legal, Reputational
Costs resulting from data breaches encompass numerous areas, including:
- Technical remediation of overly complex data systems.
- Edits and amendments to financial statements.
- Increased internal auditing.
- Development and implementation of new internal data management policies.
- Media relations outreach.
- Customer notifications.
- Reputational remediation.
- Identity theft monitoring services.
- Legal judgments and fines.
Financial Consequences of Data Breaches
How much information does your organization manage? Ponemon Institute’s most recent cost analyses, The Post-Breach Boom (February 2013), suggests you multiply the number of records by a cost-per-record breach range of $174–$222, depending on its root cause. Many online resources are available to help estimate the cost of a data breach relative to your organization’s specific information, including data breach calculators from Ponemon Institute/Symantec, Tech//404 and Hub International.
Legal Consequences of Data Breaches
Serious legal consequences result from data breaches in most industries, but the financial and health care sectors suffer significant impacts with regulations that include the Payment Card Industry Data Security Standard (PCI DSS) and the Health Insurance Portability and Accountability Act (HIPAA). The financial sector fears public stock rollercoaster results as well as any security vulnerabilities that must be reported via 10-K, 10-Q and other SEC required documents. Health care organizations must adhere to public disclosure rules for any loss of 500 personal records or more, among other requirements. And customers with breached PII (Personally Identifiable Information) may join class action-level lawsuits.
Protecting Your Reputation after a Data Breach
Investors and other stakeholders can move markets based on trust (or lack thereof) while customers truly fear identity theft and feel violated when they hear media reports or receive a data breach notification. Sensing a lack of attention to privacy, business influentials and customers find other organizations to fulfill their service needs. Up to 40 percent of customers would consider discontinuing their relationship with a company who exposed their personal data, according to survey results calculated and compared from 2005 to 2012 by Experian Data Breach Resolution and The Ponemon Institute. The best case studies for reputational remediation post-data breach are those in which organizations release their story quickly, control the message and implement immediate procedures to assure the security of customer information.
DataVantage® Solutions
DataVantage® software solutions mask, de-identify and obfuscate data to help organizations comply with regulations, pass data privacy compliance audits, manage data on a need-to-know basis, and maintain their role as trusted provider of financial, health care, education, retail, government and other services. Among all of the data masking solutions in the marketplace, only DataVantage Global® has been designated as Qualified Anti-Terrorism Technology by the U.S. Department of Homeland Security.