http://blog.subjunctive.com/2009/02/16/security-is-not-a-checklist/ Notes on Security, Privacy, and the Law Tue, 04 Jan 2011 03:25:09 +0000 hourly 1 http://wordpress.com/ http://blog.subjunctive.com/2009/02/16/security-is-not-a-checklist/#comment-89 Tue, 10 Mar 2009 18:45:59 +0000 http://blog.subjunctive.com/?p=276#comment-89 AMEN! PCI is not the ending point for security, but rather a starting point. It doesn’t imply that you’re secure, but gives orgs a jumping point. Maybe it’s part of human nature to only meet the bare minimum of standards. Maybe it’s the excuse that in the recession, orgs can’t allocate enough funds for IT security as necessary (although a breach will cost them much more, with studies showing an average of $206 per breached record). Whatever the reason, CIOs and IT managers need to realize the importance of securing their treasure troves and know that there is a solution out there based on breakthrough Format-Preserving Encryption (or FPE) technology that makes encrypting at the data level not only possible, but cost effective, simple and quick to deploy. The solution leveraging this technology, Voltage SecureData is already in use by large companies around the globe.

]]>