In this article, Fernando Pires, CEO of Morse Watchmans Inc, discusses how key management can play an important role in cyber security and improve company data.
At the time, it was the largest data breach in history…
In 2009, Heartland Payment Systems, a Princeton, N.J.-based provider of credit and debit processing, payment, and check management services, announced that it had suffered a massive data breach. Criminals installed spying software on the company’s computer network and stole the numbers of as many as 100 million credit and debit cards.
Since then, more than 7,524 data breaches across all types of industries have been made public, according to Privacy Rights Clearinghouse data.
Data breaches occur for many reasons, and not always from state-sponsored actors who breach a company’s network. Tossing paperwork into a dumpster as opposed to destroying it, losing a USB drive loaded with data, leaving a PC on a train, or having your office broken into – all of those actions can lead to a data breach.
According to a report from ForgerRock, personally identifiable information (PII) was by far the most common type of breach in 2018, representing 97% of all breaches. Date of birth (DOB) and/or Social Security Numbers (SSN) were the most frequently compromised type of PII in 2018, with 54% of breaches exposing this data. Unauthorised access was the most popular type of attack in 2018 by a significant margin, comprising 34% of all attacks.
There are approximately three million data centres across the United States. Data centres house millions of organisations’ networked computer servers that collect, store and process large amounts of data each day. Data centres are essential for financial institutions, large enterprises, and other corporations to function. Yet, because of the information that data centres house, they often offer the biggest bang for a criminal’s buck. Security on the outside of a data centre usually consists of gates, bollards, video surveillance, perimeter detection systems, and alarms. Yet, it is critical to secure data centres within the inside as well, not only from cybersecurity breaches, but physical breaches, too. Physical breaches at data centres can result in costly consequences, to include fines, downtime, loss of reputation and business, and more.
In addition to a data centre’s network, there are multiple physical areas of a data centre that need to be secured. Those include server rooms and cages, video surveillance and video storage centres, backup power areas, security control centres, biometric security systems, and power and cooling device areas for air conditioners or generators.
The most effective way to control access to all of those areas is by controlling the access and use of physical keys with a key management system. Using a PIN, biometric scan, or ID card will give chosen employees access to their designated keys, and tell you what key was accessed, what time, and by whom. A key control system can send alerts to your security team if an unauthorised attempt is made to access a key or to forcefully open the key cabinet. The system will even alert security if a key is not returned at a designated time. Key control systems can also be designed with card readers or biometric readers, and they can be networked for centralised control.
In a data centre, a physical or cybersecurity breach can be catastrophic and cause damage for years to come. A key control system is the most effective way to control access to all parts of a data centre and prevent physical and cyber breaches.
Download our recent whitepaper, Understanding key control systems and best practices to discover how you can bring increased security, efficiency, and accountability to your company with comprehensive key control.
Fernando Pires, CEO of Morse Watchmans Inc.
