What Price For Loss of Reputation?
September 2011 by Colin Tankard, Managing Director of data security company Digital Pathways
News that Certificate Authority DigiNotar B.V. – part of VASCO Data Security International – has filed for bankruptcy following a security breach that allowed fraudulent issuing of certificates further underpins the critical need for robust data security systems.
Colin Tankard, Managing Director of data security company Digital Pathways, says, “DigiNotar suffered a complete lack of trust following this attack on their systems. The company lost its reputation and that, in turn, resulted in bankruptcy.
“Whilst this is an extreme outcome, most businesses are simply not facing up to the facts when it comes to providing adequate security for the data they hold. There seems to be a total lack of realisation as to the catastrophic results that can ensue from not taking the issue seriously and employing the right systems.
“Sacrificing your reputation and losing your company because the marketplace has lost trust in you is a very high price indeed and one that could have been avoided had robust security systems been employed and managed.
“I urge all businesses to urgently review their data security strategies and take the right steps to protect not only their customers but their own companies.”
DigiNotar was apparently guilty of gross disinterest in securing their infrastructure, operating with easily guessed passwords, unpatched servers and poor network segmentation – all indicative of a complete disregard for both their own and their customers’ integrity, leading to an inevitable compromise.
Adds Tankard, “Businesses must consider their overall security strategy and ensure layers of security are in place in order to provide security in depth. Once this foundation is in place, educating users and being flexible when regulatory changes happen is easy. Should the worst happen, and data is lost, as long as it was protected by encryption it is useless to anyone else, so the company can divulge the loss and reassure their clients of its security.
“DigiNotar tried to hide what had happened, but when it came out there was no hiding; basically, they’re a shining example of what not to do”.