|
: Heartland Payment Systems, based in New Jersey, United States, processes debit and credit card transactions involving over 100 million cards a month, on behalf of nearly 2,50,000 merchants. It announced in January this year that there was a data breach in its processing systems. Unknown intruders had broken into its systems sometime in 2008, and planted malicious software to steal card data. This data breach was bigger than the previous known case of a retail giant TJX, in which some 94 million customer records were lost in 2007. There have been similar cases in the UK in which organisations, such as the Internal Revenue System, lost millions of records due to security breaches.
In several surveys of corporates conducted in North America and in Europe, data security has been singled out to be of the highest importance–ahead of other parameters such as regulatory compliance, identity and access management, application security and business continuity management. Surveys have also revealed that protection of customer data is a key business objective for the corporate world. Privacy protection, i.e. protecting the personal information of clients, is at the heart of data protection. Personally identifiable information (PII) includes names, addresses, telephone or mobile numbers, social security numbers, PAN numbers and passport numbers.
PII is collected by banks before opening an account. In India, this is part of the ‘know your customer’ (KYC) process. Likewise, mobile operators also collect PII from consumers before issuing mobile connections. There are numerous applications in e-governance as also in e-commerce that enroll consumers for providing services, and in the process collect a pile of personal data. In data breaches of the kind experienced by Heartland Payment Systems or TJX retail or Internal Revenue Service or Amazon Books, data losses compromise the privacy of consumers. Such stolen data lead to identity thefts that are used by cyber criminals in conducting economic crimes and other forms of illegal activities.
No wonder that data protection has emerged as a major corporate and government concern worldwide. Clients of Indian IT and BPO companies are concerned about protecting the privacy of their customers whose data processing is outsourced. They want to focus on secure handling of data so as to ensure the privacy of customer data and the security of corporate data. Different countries have enacted laws to deal with data protection and data privacy. These are generally based on: International Covenant on Civil and Political Rights;...
| Single Page Format | 1 - 2 - 3 - Next |
Discuss this story on expressindia forums
|
|
 |
 |
 |
About Us | Contact Us | Advertisers | Site Map | Make us your homepage | Work for Us | RSS | Subscribe | Electronic Edition | Privacy Policy© 2009: The Indian Express Limited. All rights reserved throughout the world
