Email:
Password:
	Remember me

Featured Retail Jobs

Retail Job Search

3818 jobs online

More retail jobs >>

Search for a product, service or company

RSS channels

Responsible retailing

What is RSS?

Google Gadget

Add our retail
news gadget to
your Google
home page

Twitter

You are here: News / Don't let security breaches ruin your Christmas

Monday November 21st 2005

Don't let security breaches ruin your Christmas

Archived article dated Monday November 21st 2005

Polo Ralph Lauren is only one recent target of a string of data security breaches in the US, involving the loss of hundreds of thousands of customer credit transactions.

Unlike the UK, Californian law requires vendors to notify victims of potential breaches which means that such data compromises are well-publicised. Already surveys are predicting that British shoppers will not be going mad in the aisles this Christmas with many planning to reign in their spending and slim down their credit card bills - spending around £940 less in the run up to Christmas than last year and tightening their belts when it comes to clothes, shoes and health and beauty products (Source: Morgan Stanley Consumer Banking).

Reported data compromise events are increasing at a rate of 400% per year internationally. Ian White, Senior Consultant at Cybertrust, says: “The targets of Identity Fraud are individual consumers but to combat against the consumer becoming a victim it is necessary to look to where identity information could potentially leak from. The prime organisations that hold individual data which can be compromised are Retailers, Banks or Colleges and Universities and therefore the onus is on them to ensure that the data is protected”

Opportunities for data compromise can be minimised by following these simple guidelines:

Regularly scan internal and external systems for vulnerabilities and points of security exposure

Establish a Data Retention Policy. List the information types that must not leak out and where on the network that data is stored

Establish a Data Control Policy and outline how sensitive information is disseminated based on a business “need-to-know” basis

Establish an Incident Response Plan. Formulate a strategy for responding to situations that might jeopardise sensitive information.

Instill security awareness behaviour within all employees and network users. Security training is essential for every employee from the entry-level worker up to the CEO.

Tagged as: cybertrust | online security | security breaches

Text size: A | A | A

Should your colleagues be reading the Retail Bulletin?
Let them know about us.