by Marcelo Pereira, Product Marketing Manager
I was a victim of data breaches twice this year. As a result my credit card was canceled both in January and July while I was travelling on business. On both occasions my bank informed me that: “your credit card data was stolen from a company’s database – together with data from thousands of other people – and because of this breach we had to cancel your card.”
Obviously it was not only my credit card data that was stolen. It was all the data that makes it possible to use my credit card for online transactions - including my contact details and who knows what else.
The consequence of such a data breach for a user, like me, is that they may end up without an option to pay their expenses abroad and end up in a very embarrassing situation with their business partners, or even worse, their customers.
What I find even more shocking is that both times my bank refused to disclose the name of the company that my data was stolen from, which makes it impossible for me to at least stop using their services and risk having my data stolen yet again.
So here is my point: I can’t, as most of us can’t, really live without exposing my personal information online. In Denmark, where I live, public services are handled online, as well as tax reports and a whole range of services - from doctors’ appointments to transportation cards. The vast majority of services are better handled online than otherwise. To use such services, public or private, users have to share an enormous amount of personally identifiable information (PII).
It is the responsibility of the service provider to protect PII from breaches. That includes making sure that information is stored in a way that not all data can be exfiltrated in case on a breach. Regulations are being developed to enforce security standards when dealing with PII. However, it seems that we are not being successful in implementing them. And organizations are still reluctant to shed light on the poor state of security and the risks data is currently exposed to.
As a user, and a consumer, I feel helpless. There is little I can do to protect my data once it is in someone else’s hands, except trying not to use any untrusted services, but then again… How many breaches have we heard of in the past years involving well-known, established brands? Many, I’m sure. And there are many more you just don’t hear about.
So what is left is to make sure that at least our data is secure in our own devices.
One of the most effective ways to achieve this is to ensure that the applications you have installed are patched with the latest vulnerability and security updates from the vendors. This is no easy task, as often we do not receive alerts, or go through the often cumbersome processes to apply the latest vulnerability and security patches.
Flexera Software has free consumer solution to patch personal Windows machines with ease: Personal Software Inspector. It has been downloaded by over 8 million people worldwide.
You can download Personal Software Inspector directly from our website to make sure you tighten the security of your own devices and continue to hope organizations you trust with your PII will also improve their security to avoid data breaches and the inconveniences they cause to customers.