Financial Institutions are in Most Need of Data Encryption Education

October 27, 2014 | By Editor 


  • In the past, for companies in any vertical, falling victim to a security breach was equivalent to signing a death warrant.
  • Apart from the damaged reputation, the expense and labor required to set things right meant that turning a blind eye to better security was not worth the risk.
  • However, this seems to have changed. Falling victim to a data breach is becoming habitual, as many incidents can attest. For financial institutions, government and industry mandates are the driving force behind the security of an organization’s data (both company and customer).
  • There are certain ways in which corporations can secure their information and prevent a targeted data breach from occurring.

Data Encryption

Payment Card Industry Data Security Standard

A number of top financial players have been working for the past decade to fight back against hackers.

On September 7, 2006, JCB International, American Express, Visa Inc., MasterCard Worldwide and Discover Financial Services formed the Payment Card Industry Security Standards Council.

The group agreed to integrate the Payment Card Industry Data Security Standard (PCI DSS) as a technical requirement for all their information security and compliance programs.

Some of the technical requirements include enforcing strong access control measures, regular monitoring and testing of networks, and protecting cardholder information.

Financial Institutions and Data Encryption

  • While PCI DSS is a start, there are still a lot of steps financial institutions can take to fight hackers. One of the important steps is encryption.
  • Many banks are under the notion that if hackers do not attempt to access financial data, the data is secure. Unfortunately, this notion is a grave, common mistake that needs addressing.
  • Financial data stored on a device (desktop, laptop, or mobile) is often overlooked because users assume that the data is safe. Remember, hackers can still infiltrate a system and access sensitive financial information. The best way to avoid such a problem is to encrypt data while it is at rest. Encrypting data at rest means that if a device is stolen, even by the most sophisticated hacker, or inadvertently lost, the data on that device stays out of the danger zone.
  • Financial institutions must have a mandatory and manageable policy in place when it comes to encrypting data.
  • With banks and brokerage firms constantly making adjustments to their defense standards, it is vital that these adjustments can be easily controlled.
  • For better security, such a policy should include the use of SSL encryption with a minimum of 128-bit keys (or stronger 256-bit keys) and multiple rounds of testing before implementation.
  • No financial institution wants to deal with the damaged reputation a data breach can bring, especially considering its painful and long-lasting repercussions.
  • When confidential data is lost or stolen, all the parties involved want the assurance that their private financial information is still safe because of a strict data security policy.
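The key-length floor and the pre-implementation testing in the policy bullet above can be checked in code. The following Python is an added example, not part of the original article: it audits cipher suites against a minimum strength and restricts a TLS context to the compliant ones. The function names, the `MIN_BITS` constant and the `SAMPLE` records are assumptions made for this example.

```python
import ssl

MIN_BITS = 128  # policy floor from the text; 256 is the stronger option

# Constructed records in the shape returned by SSLContext.get_ciphers()
SAMPLE = [
    {"name": "ECDHE-RSA-AES256-GCM-SHA384", "protocol": "TLSv1.2", "strength_bits": 256},
    {"name": "ECDHE-RSA-AES128-GCM-SHA256", "protocol": "TLSv1.2", "strength_bits": 128},
    {"name": "DES-CBC3-SHA", "protocol": "SSLv3", "strength_bits": 112},
]


def split_by_strength(ciphers, min_bits=MIN_BITS):
    """Partition cipher records into (compliant, weak) lists of suite names."""
    compliant, weak = [], []
    for c in ciphers:
        target = compliant if c["strength_bits"] >= min_bits else weak
        target.append(c["name"])
    return compliant, weak


def enforce_min_strength(ctx, min_bits=MIN_BITS):
    """Limit ctx to suites of at least min_bits; return the names dropped.

    set_ciphers() only governs TLS 1.2 and earlier. TLS 1.3 suites stay
    enabled regardless, and every standard TLS 1.3 suite is >= 128 bits.
    """
    legacy = [c for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]
    compliant, weak = split_by_strength(legacy, min_bits)
    if not compliant:
        raise ValueError(f"no TLS 1.2 suite offers {min_bits}-bit strength")
    ctx.set_ciphers(":".join(compliant))
    return weak


if __name__ == "__main__":
    # Audit the constructed sample, then harden a real client context.
    print("sample suites below policy:", split_by_strength(SAMPLE)[1])
    ctx = ssl.create_default_context()
    dropped = enforce_min_strength(ctx, 256)
    print("dropped for a 256-bit floor:", dropped)
    for c in ctx.get_ciphers():
        print(f'{c["protocol"]:8} {c["strength_bits"]:4}  {c["name"]}')
```

Running the audit as a test before each deployment covers the "multiple rounds of testing" part of the policy: a configuration change that re-enables a suite below the floor shows up in the returned list.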

