The future focus of security needs to be the database. Why? Because data is king!

The recent attack on credit card merchants has shown how lax information storage in databases can be, this is according to Simon Bain, CTO of Simplexo.

“It is thought that at least 1.5M card details were stolen from the company’s databases in the latest assault on credit card merchants. This attack is not rare. Every week there are more and more database attacks. This week alone a Public Broadcasting service in the US had around 1900 records stolen. These included plain text passwords, email addresses, user names and admin names. In Australia just under 3,500 names with postal addresses and credit card numbers were stolen and dumped on to the Internet,” he stated.

Simon continued: “Hacking will always be with us. It is not something that we can stop. However allowing un-encrypted data to be held in a database is unforgivable. People’s private information should be just that. Private.”

Simon continued: “Because we see that hacking is inevitable organisations need to work hard to find ways of making the database information useless to any would be hackers. I believe that if these records had been fully encrypted, it would make the record theft meaningless. Owners of the information would not be put through the inconvenience.”

Privacy of information is a major and growing concern for many organisations. There have been an increasing number of high profile hacking as the prevalence of electronic payments grows worldwide.  Citigroup became a victim in 2011 when an attack exposed data on hundreds of thousands of credit card holders, Sony was also breached in 2011.