The data security debate rumbles on as 71 per cent of merchants claim to have stored unencrypted card data in 2011.
The figures, published following a survey by merchant data leader SecurityMetrics, highlight the need for firms to encrypt their data and continue the fight against hackers and thieves.
In his blog, SPVA spokesperson Steven Hughes wrote: “These are troubling numbers, especially for an industry marked by ever-changing technology and increasingly sophisticated hackers. The fact of the matter is this: merchants who store unencrypted payment card data directly violate Payment Card Industry Data Security Standard (PCI DSS) requirements and may be subject to fines and other penalties after a compromise.”
Kevin West, CEO of K logix, a data security software company, described the data security issue as a ‘$100 billion problem’.
He warned companies to have procedure in place for cyber attacks and to ensure employees don’t sent intellectual property or private data over any Internet channel, including Gmail and Facebook.
Chris Poulin, chief security officer of Q1 Labs, a subsidiary of IBM, said data breaches are inevitable but that companies must be prepared for attacks.
He added: “Organisations should look to deploy technology that meets their need to control the flow of information across the network; control access to information itself; protect end systems; encrypt information where necessary and where possible meet more advanced security requirements, including, but not limited to, data loss prevention.”