Increasing Number of Data Breaches is Driving Innovation

When the U.S. Government Printing Office inadvertently posted a report containing the locations of 266 civilian nuclear sites on its website, it ignited a debate among national security professionals.


26 June 2009

When the U.S. Government Printing Office inadvertently posted a report containing the locations of 266 civilian nuclear sites on its website, it ignited a debate among national security professionals.

The question was about the severity of the exposure: Whether publishing what amounted to a blueprint of U.S. nuclear facilities irreparably compromised national security. The report has since been pulled off the website, but nuclear experts continue to debate the risk exposure based on the nature of the information revealed.

It's interesting to me that this case of data exposure was a human error in judgment, not maliciously intercepted or stolen information. However, this case is not unique. Examples of customer data leakages, breaches and outright theft abound, not only in the public sphere but also in the private enterprise. Such breaches of customer data seriously damage a company's image and customer retention rates, and also significantly impact shareholder value. The Washington Post recently published the Ponemon Institute's survey findings, which found that the 43 organizations who were questioned spent an average of $6.6 million fixing their brand image and restoring customer trust after they experienced a data breach in 2008. The same report quoted the computer security company McAfee, who estimates that the total cost of data breaches and theft reached $1 trillion in 2008.

The research, survey findings, and public examples surrounding data breaches all point to the fact that companies today are under increasing threat of losing their customers' data to cyber thieves. At the same time, they face amplified levels of scrutiny from both federal and state regulators to protect their clients' data and are subject to huge fines if they fail to do so. Traditional methods of data transfer, such as overnight delivery, FTP services or email, no longer meet the needs of this highly pressurized business environment: Physical exchange of critical data is expensive, slow, and risky. FTP servers are cumbersome to deploy, manage and provision securely. Email can not handle large files, provides limited security, and messaging infrastructures can quickly become clogged.

What do companies do when they need a secure, efficient and cost-effective solution to manage the ad-hoc transfer of their critical data? There are a number of options (including our enterprise-level solution called Intralinks Courier). In upcoming posts, I will provide guidelines for researching and selecting the right managed file transfer (MFT) solution. I'll especially focus on how to separate the wheat from the chaff: What criteria should be employed to distinguish enterprise-strength MFT solutions from the consumer-grade ones?