Customers who hired the infamous ID theft-protection firm Lifelock to monitor their identities after their data was stolen in a breach were in for a surprise. It turns out Lifelock failed to properly secure their data. Ken Westin, Senior Security Analyst, at Tripwire commented on the Theft-Protection firm lifelock.
Ken Westin, Senior Security Analyst, Tripwire :
“All consumer service businesses need to prove that they have taken proper steps to protect their customers through the implementation of best practices for security controls and policies. Failure to continuously apply and update security controls can be a PR disaster for any business, but it can be even more devastating for businesses that handle sensitive data. Unfortunately, the reality is that it can be challenging to know how much security protection is ‘enough’. In the U.S. there is no clear standard of due care for cybersecurity that provides organizations with clear guidance on what they should be doing to protect themselves and their customers.
Any business that stores a great deal of sensitive customer information, particularly sensitive person data that if compromised could actually put their customers at risk of financial loss or identity theft, should make sure that keeping this information secure is a primary business goal. Failure to do so is a ‘going out of business’ strategy.”[su_box title=”About Tripwire” style=”noise” box_color=”#336588″]Tripwire, Inc., a global provider of risk-based security and compliance management solutions, today announced Tripwire® Enterprise™ version 8.3 featuring a new, stand-alone Policy Manager™. Tripwire Policy Manager provides the detailed visibility into system configurations critical to minimizing security risks and ensuring compliance.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.