Saturday, January 25, 2014

Two More Retail Data Breaches

I don't think I've seen so many banner headlines for retail data breaches in recent memory.  We all know about the data thefts at Target and Neiman Marcus in recent weeks.  Now comes news that Michaels Stores is investigating a data breach.  We're not done yet.  Coca-Cola says a laptop theft may have exposed personal data to loss.  What on earth in Coke doing with people's data?  It's not like they need any customer loyalty programs.  Coke's flavor leaves no taste memory so people naturally crave more.

Corporate IT departments must be at some new level of stupid if they can't encrypt laptops or secure transaction streams.  I spent the better part of last year hearing the superstars of enterprise computing tell thousands of aspiring CIOs how cloud security is totally awesome.  It would help if they addressed device encryption too.

Do you trust your bank to secure your credit payment history?  Do you trust your email service provider to secure your messages and contacts?  Do you trust your web host service to secure your digital storefront?  These are all becoming very relevant questions.  The enterprise computing sector needs to come up with the IT security equivalent of a Good Housekeeping seal of approval that retail users will trust.  That probably won't happen as long as NSA backdoor agreements leave open gaping vulnerabilities that disgruntled insiders can exploit.  The corporate IT sector needs help tying its own shoes; it still has some growing up to do.

Full disclosure:  No positions in the securities of any companies mentioned at this time.