In The Struggle To Maintain Security
A recently released study from Atlanta-based LOMA reports that technology is a two-edged sword in the battle to maintain data security–offering both defensive measures and products designed to defeat those measures.
“On one hand, powerful new technologies enable life insurance and other financial services providers to deliver more products and services through more channels,” states Stephen W. Forbes, senior vice president of research at LOMA. “On the other, they make it easier for insiders and outsiders to invade weak points and, as a result, compromise data privacy and interfere with IT processes.”
Forbes is the author of the study, “Data Privacy, IT Security and Disaster Recovery in the Financial Services Industry,” which examines security challenges and suggests solutions.
The study, released at the end of July, notes that a companys insiders, rather than outsiders, are more likely to invade IT systems because they are often aided by special knowledge of the firms operating systems, software code, linkages among systems, and other inside information.
“Thus, special attention should be paid to minimizing security breaches coming from within the organization,” the study says.
Concerns regarding privacy of information on Web sites “reflect a distrust of technology in general in protecting privacy,” the study states. “This distrust is fueled by the ongoing development of new forms of technology that intrude on privacy.”
In addition, networked computers make it easier to invade privacy because they facilitate the ability to share, combine, and perform analyses on different databases, the study points out. “Because it is easier to collect digitized data than paper data, more private information is being collected in such databases.”
According to the study, there is no completely foolproof method of protecting IT resources from invasion by hackers, or from insiders such as employees. Forbes points out, however, that “while there is no guarantee of complete security for an organizations databases and other technology resources, there is an expanding array of IT tools and business processes that can be used to increase the probability of protection.”