March 20, 2006, 12:00 AM

Retailers that don’t encrypt customer data risk database breach

Online retailers put themselves at risk for a database breach if they hold unencrypted confidential customer information on their disk drives, Scott Sweren of Fortrex Technologies says.

Online retailers put themselves at risk for a database breach if they hold unencrypted confidential customer information on their disk drives, says Scott Sweren, National Practice Manager for Fortrex Technologies Inc., a data security company.

“A lot of companies aren’t appropriately encrypting that data,” he says, adding that retailers shouldn’t be storing confidential data-such as credit card account numbers-related to a purchase once the sale is completed. “The longer you hang on to it, generally the more data you accumulate, and the more information you put at risk.”

Online merchants also may not realize they’ve had a security breach until they’re notified by their merchant bank, Sweren says.

“It’s not like traditional physical crime where you know something is stolen because when you go to look for it, it’s missing,” he says. “With cybercrime, people can steal exact duplicates or replicas of the information and not disturb original.”

 

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

Jodi Beuder / E-Commerce

Five customer service imperatives for Internet retailers

Based on an analysis of customer service data, Impact Learnings Systems highlights five areas e-retailers ...

FPO

Mark Burnette / E-Commerce

Key takeaways from the Target settlement for retailers

Online retailers should move from SSL to stronger Transport Layer Security technology. All companies should ...

Advertisement