Magazine article CRM Magazine

Fear and Loathing in the Database: A Company's CRM System Might Make It Vulnerable, but with Risk Comes Opportunity

Magazine article CRM Magazine

Fear and Loathing in the Database: A Company's CRM System Might Make It Vulnerable, but with Risk Comes Opportunity

Article excerpt

It's scary enough to hear reports about 380,000 people's confidential information being compromised at the University of California--San Diego last year, or ChoicePoint Software getting scammed into coughing up data on 145,000 consumers. Consider that the information can be used to open your company up to direct attack, and that you may be liable to customers whose data you expose, and you can see why data security personnel might break into a cold sweat.

[ILLUSTRATION OMITTED]

Identity theft cost consumers and businesses $53 billion in 2003, the last year for which the Federal Trade Commission has complete data. About 10 million people that year discovered there had been unauthorized access to their bank accounts or credit cards, or that a stranger had acquired an official document in their name. Beyond those immediate costs, a piece of California legislation labeled SB 1386 includes a requirement that a company whose security is breached must directly contact (by email or post) every person exposed to potential identity theft as soon as possible, unless the cost would exceed $250,000 or require notification of more than 500,000 people. Notification is still required under those exceptions, but may include posting the notice on the agency's Web site or a general release to statewide media. The financial cost and loss of confidence could be fatal to a victim company. A number of other states are considering similar laws, and a handful of bills that would require disclosure of potential identity theft is before the House and Senate.

Phishing is the most visible threat, but it isn't the main one, according to Jonathan Penn, principal analyst for identity and security for Forrester Research. "Spyware and trojans are the big thing," Penn says, "and they also related back to phishing." Postcarding is a technique where users receive an Internet greeting card with a link that takes them to a site that downloads spyware to the system. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.