How safe is your customers’ personal information online? Ted Samson recently delved into this question in his Tech Watch article that highlights the California Attorney General’s announcement that it was time to crack down on companies that don’t encrypt personal data.
Which begs the question: How much personal data was exposed? If you live in the Golden State, 1.4 million of you have been exposed. That’s right. From your age to your social security number, your driving records and a myriad of other personal data has been exposed because companies have chosen not to encrypt your data. 103 different companies suffered data breaches, and many were payment card issuers. See the article for several more panic-inducing stats.
Until now, companies in California have not been required to encrypt data, which can protect consumers from Internet fraud and thievery. There are incentives in place to encourage companies to encrypt. But that dangling carrot of incentives doesn’t seem to be working. To be fair, it can be cost-prohibitive to undertake an extensive encryption policy for some companies, which could mean an overhaul of their entire operating platform.
Nevertheless, Attorney General Kamala Harris is cracking the whip on encryption. She cautioned that her office will make encryption “an enforcement priority to investigate breaches involving unencrypted personal information.” She also encourages law-enforcement agencies to follow suit.
It remains to be seen whether this harsher language – some might call it a threat – will work. If it doesn’t, she has bigger plans. Harris stated she will recommend that the California Legislature enact a law requiring encryption.
So, the message to companies in California seems to be: Encrypt now or be forced to do so later. So why not get ahead of the game? Just think… your customers will rest a little easier knowing that those hackers lurking in the shadows of the Internet can’t view their social security number, age, spending habits or (gasp) their Netflix queue.
On the bright side, The Ocean Group always puts customer data security at the top of the priorities list for our clients even if our clients don’t realize its importance. This prevents a disaster recovery scenario down the road. So, if you’ve done business with us, chances are you’re covered. And if not, well, we can help you out with that.
