Changing the System
It’s always easier to grasp a problem—and sometimes find a solution—when it hits close to home.
My aunt, an elementary-school principal, always keeps her students’ well-being top of mind. That’s why when she creates the yearly school calendar, complete with photos, she sends every parent a permission slip allowing them to “opt out” if they prefer any shot of their child participating in a class or school event not be used. But things do fall through the cracks.
When the 2007-2008 school calendar came out, a couple of parents complained their children appeared in the calendar, even though they opted out. While she was sure it was a mistake, there was no way to research it—all paper-based permission slips were thrown out once the calendar was printed in spring 2007.
“It’s time to change the system,” she said. “When something doesn’t work, it has to be changed.”
If my aunt’s experience illustrates anything, it is that data-exposure incidents—whether involving photos or electronic information—occur daily. That’s when it hit me: It is time for retailers to take their own actions to change the system.
I’m calling this change the move to “Data Loss Prevention”—an overall, comprehensive data loss-prevention strategy. And it is long overdue.
Cyber-thieves continue to pirate consumers’ personal data and they are claiming their booty through retailers’ systems, including e-commerce sites, point-of-sale devices, gas pumps and ATMs. And inside jobs stem from crooks using fake credentials to gain network access.
Sure, retailers are making efforts. Most encrypt data and work to comply with PCI DSS (Payment Card Industry Data Security Standard), a standard established by the four major credit-card companies to protect cardholders against the misuse of their personal information.
While these are important steps, “They are not the answer,” Paul Proctor, research VP, Gartner, Stamford, Conn., said during the annual FMI and Marketechnics Convention held in Las Vegas in May. “And truth be told, PCI was never intended to be a security measure.”
That said, it is time to take ownership when creating security. And the industry must work together to make it happen.
First, we need to change how business solutions are developed, built and purchased. This puts any company creating technology in the hot seat.
Retailers and company shareholders must ensure that vendors talk the talk and walk the walk. The same goes for retailers that still create systems in-house.
Once those solutions are validated and installed, the next step is to ensure that the correct safeguards, encryption and controls will monitor data flow and employee access to information.
Finally, the only way to uphold any successful loss-prevention program is to educate employees. Make them aware of their role in protecting data, keeping it secure, and the consequences for laziness. Chances are if employees understand what is at risk, they will be more mindful about mitigating it.
No one ever said securing an enterprise would be easy. However, it is clearly time “to change the system.” The sooner retailers establish a plan, monitor controls and educate employees, Data Loss Prevention will become second nature.
Survey: Businesses want to go green, but afraid of costs
DELRAY BEACH, Fla. According to a survey of 2,500 business professionals by Office Depot, half of all respondents are interested in making their offices “greener.”
While 50% of those surveyed said they’d like to have a greener office, more than half (55%) said they did not associate going green with saving money.
According to Yalmaz Siddiqui, director of environmental strategy for Office Depot, “There is actually a range of cost scenarios that a business could face when deciding to go green,” he explained. “Some choices, like remanufactured cartridges, cost less; some require an upfront investment but come with long term cost savings, like compact fluorescent lights; some products entail no price difference; and some green ideas do cost more. The trick is to understand the different options and not assume that going green will always result in higher costs.”
Toys ‘R’ Us to be exclusive retailer of ‘Soul Bubbles’ Nintendo DS game
REDWOOD CITY, Calif. Toys “R” Us will be the exclusive retailer of Soul Bubbles, a new game for Nintendo DS created by Eidos Interactive.
“Creative and refreshing, Soul Bubbles is a unique game that DS owners won’t want to miss,” said Robert Lindsey, evp of sales and marketing for Eidos Inc. “This is a charming story combined with gameplay that pushes the capabilities of the Nintendo DS is sure to engage all puzzle gaming fans.”