From the Blogosphere
Encrypt My Information, Please
When you provide that information to a company, what do they do with it?
By: Hurricane Labs
Aug. 13, 2012 06:00 AM
By: Leigh Goldie
For the last few months, security breaches have been on the rise (or let’s just say have been receiving more news coverage). We have seen countless stories of large, popular websites being compromised by unknown, or later identified, hackers. The quest, it seems, is to determine how easy it is to access the personal information of customers from any popular company. The hackers are proud of their accomplishments, as they have gained access to tens of millions of users account information. But it seems they have a message for corporations – encrypt your customers’ personal information. But are companies being proactive?
When you personally work with any company – be it a bank, hospital, university, or social media site – as a customer you are providing them with personal information. This includes credit card numbers, account numbers, social security numbers, birthdates (which are easy to find in other places too), health information, passwords and more.
When you provide that information to a company, what do they do with it? They place it in a database for easy access whenever you need more information, want to purchase something, or have questions about your account. When they create their database, from their point of view, they look at storing information based on ways it will assist their company’s financial success. But now with the recent breaches occurring, it is essential for them to focus more on the importance of encrypting their customers information for their company’s and customers’ protection.
If you’ve never had an account compromised, talk to someone who has (I promise they will be within six degrees of Kevin Bacon). Ask them what happened, what they lost (financially or personally), and how hard it was to fix the breach or their credit scores. Unfortunately, they all have stories. Your goal should be to avoid those occurrences in your life by being proactive.
To do this, I have an idea. I would like to start a grassroots campaign where regular, ordinary people like you and me begin writing large companies demanding that our personal information be encrypted. Who should we write? Name a large company with whom you have been a long time customer. Got it? Now think of one more. It’s easy to come up with at least two companies which you have given personal information. I know I can come up with at least five off the top of my head. But if you need extra ideas, see the list below. It includes banks, credit card companies, insurance companies (auto, medical, health and life), financial companies, stores where you buy big ticket items, social media sites, and more.
Another easy way to getting this point across is through a nonpartisan petition I created. You can find it here. It is written for the United States House of Representatives asking them to create a bill to securely encrypt consumers information within corporate/organizational databases. I plan to submit it to a few representatives from both parties that are either in or near my district in Ohio, or ones that I am betting would support this based on committees in which they have served. Please support this by signing the petition and encouraging your friends and family to do the same.
Cause and effect is a really important point that many companies and people within those companies do not take seriously enough. Help them see the light. Send them a letter telling them that you as a customer demand that your personal information be encrypted and secured before a security breach within their organization occurs. When they begin to hear this from a multitude of customers and constituents, they may just be encouraged to act.
If you would like to let us know to which companies you have sent a letter, or received a reply back from any company that you would like to share, you can reach us at firstname.lastname@example.org. You will find my example letter below along with a list of various large companies that you may be interested in contacting. Look at your monthly bills to add or create ideas of who to contact. I will keep you posted on the outcome of the petition, and thanks in advance for your signatures. Together, I know we can get this done.
To Whom it May Concern:
As a longtime customer of your company, I would like to know how and how well you encrypt my personal information within your company’s database. With the recent multitude of security breaches taking place, I believe it is essential to keep my personal information, including social security numbers, passwords, medical and insurance information, credit card information and contact information secure within your organization. Please let me know if the information is encrypted and what measures your company takes to ensure that my personal information is secure.
I am requesting a personal response and look forward to hearing from you soon. My contact information is listed below. Thank you for your time and attention.
Here are links and other contact options to largely used websites that you may want to target if you are a customer or user:
Latest Cloud Developer Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week