Companies should focus on protecting data rather than fixing holes.
In light of the University of Florida incident where the details of almost 100,000 people were compromised when an intruder gained access to a computer system, Mark Bower, director of information protection solutions at Voltage Security claimed that protected data will be useless if stolen.
Bower said: “There are major gaps in today's corporate IT security that allow hackers to access sensitive data. Instead of worrying about how to patch the holes that hackers will find a way around tomorrow, we should be focusing on protecting the data so if it's stolen, hacked or otherwise abused, the bad guys cannot use it.
“If the data is encrypted at the point of capture and persistently protected every place that data travels, then even if a hacker gains access to an enterprise system, no actual data can be stolen. I think the real crime is that firms can very well protect all customer data and eliminate these breaches altogether-quickly and easily, actually.”
He further claimed that the focus should not be on compliance, but on doing the right thing and being responsible. He said: “How long will it be before not doing the right thing is considered criminal negligence?"