Triware Networld Systems 

Celebrating Over 17 Years Of Around The Clock Superior Network Systems Service & Support!

 

Home
Solution
Technology
Service
Support
Client
Partner
Career
Events
News
   Back ] Up ] Next ]
 
   

 

DIGITAL INFORMATION SECURITY

Our society has spent hundreds of billions of dollars in the last few decades to convert data and images into digital form. And we have continued to pour money into this in the last 10 years as the popularity of the Internet and other computer technologies increase. By now, everything and anything with the least bit of important is available in digital form — or will be if it isn’t already.

Gone are the days of cancelled checks since most banks now scan and store them as digital images. Gone, too, are most paper bank statements, which have increasingly become converted into electronic statements that are just as good as paper ones.

On June 30, 2000, former President Bill Clinton signed the e-signature bill into law.  The bill recognizes online “electronic” signatures as legitimate to complete legal agreements and commercial transactions. Many similar developments have occurred since the signing of this bill.

Today’s digital information has become the backbone of hundreds of billions of dollars worldwide spent annually on the digital economy. In fact, the command and control centers for the United States armed forces would fall apart if mission-critical digital information wasn’t available or compromised.  Corporations and organizations worldwide, large and small would cease to function if we took away their digital information.

But how secure is our digital information? Is our digital information protected from natural disasters, computer hackers and human errors?

The answer is a resounding “no.”  Almost everyone knows someone who lost data on a Personal Computer (PC) because of a virus, hacker, hardware issues, Internet-related faults or identity theft.

So what about those organizations whom we trust to store our most intimate information digitally? You would think they at least would have the resources to protect our information. Well, think again!

Below are just a few hacks that occurred between February 15 and September 19 of this year, according to Privacy Rights Clearinghouse in San Diego, California.

Date

 

Organization

Type of

Breach

Number of Records

15-Feb-05

ChoicePoint

ID thieves accessed

145,000

25-Feb-05

Bank of America

Lost backup tape

1,200,000

25-Feb-05

PayMaxx

Exposed online

25,000

8-Mar-05

DSW/Retail Ventures

Hacking

100,000

10-Mar-05

LexisNexis

Passwords compromised

32,000

11-Mar-05

Univ. of CA, Berkeley

Stolen laptop

98,400

11-Mar-05

Boston College

Hacking

120,000

12-Mar-05

NV Dept. of Motor Vehicle

Stolen computer

8,900

20-Mar-05

Northwestern Univ.

Hacking

21,000

20-Mar-05

Univ. of NV., Las Vegas

Hacking

5,000

22-Mar-05

Calif. State Univ., Chico

Hacking

59,000

23-Mar-05

Univ. of CA, San Francisco

Hacking

7,000

28-Mar-05

Univ. of Chicago Hospital

Dishonest insider

unknown

?-Apr-05

Georgia DMV

Dishonest insider

100s of 1000s

5-Apr-05

MCI

Stolen laptop

16,500

8-Apr-05

Eastern National

Hacker

15,000

8-Apr-05

San Jose Med. Group

Stolen computer

185,000

11-Apr-05

Tufts University

Hacking

106,000

12-Apr-05

LexisNexis

Passwords compromised

280,000

14-Apr-05

Polo Ralph Lauren/HSBC

Hacking

180,000

14-Apr-05

Calif. Fastrack

Dishonest Insider

4,500

15-Apr-05

CA Dept. of Health Services

Stolen laptop

21,600

18-Apr-05

DSW/ Retail Ventures

Hacking

1,300,000

20-Apr-05

Ameritrade

Lost backup tape

200,000

21-Apr-05

Carnegie Mellon Univ.

Hacking

19,000

26-Apr-05

Mich. State Univ's Wharton Center

Hacking

40,000

26-Apr-05

Christus St. Joseph's Hospital

Stolen computer

19,000

28-Apr-05

Georgia Southern Univ.

Hacking

10s of 1000s

28-Apr-05

Wachovia, Bank of America,

Dishonest insiders

676,000

PNC Financial Services Group and Commerce Bancorp

29-Apr-05

Oklahoma State Univ.

Missing laptop

37,000

2-May-05

Time Warner

Lost backup tapes

600,000

4-May-05

CO. Health Dept.

Stolen laptop

1,600 (families)

5-May-05

Purdue Univ.

Hacking

11,360

7-May-05

Dept. of Justice

Stolen laptop

80,000

11-May-05

Stanford Univ.

Hacking

9,900

12-May-05

Hinsdale Central High School

Hacking

2,400

16-May-05

Westborough Bank

Dishonest insider

750

18-May-05

Jackson Comm. College, Michigan

Hacking

8,000

18-May-05

Univ. of Iowa

Hacking

30,000

19-May-05

Valdosta State Univ., GA

Hacking

40,000

20-May-05

Purdue Univ.

Hacking

11,000

26-May-05

Duke Univ.

Hacking

5,500

27-May-05

Cleveland State Univ.

Stolen laptop

44,420

28-May-05

Merlin Data Services

Bogus acct. set up

9,000

30-May-05

Motorola

Computers stolen

unknown

6-Jun-05

CitiFinancial

Lost backup tapes

3,900,000

10-Jun-05

Fed. Deposit Insurance Corp. (FDIC)

Not disclosed

6,000

16-Jun-05

CardSystems

Hacking

40,000,000

17-Jun-05

Kent State Univ.

Stolen laptop

1,400

18-Jun-05

Univ. of Hawaii

Dishonest Insider

150,000

22-Jun-05

Eastman Kodak

Stolen laptop

5,800

22-Jun-05

East Carolina Univ.

Hacking

250

25-Jun-05

Univ. of CT (UCONN)

Hacking

72,000

28-Jun-05

Lucas Cty. Children Services (OH)

Exposed by email

900

29-Jun-05

Bank of America

Stolen laptop

18,000

30-Jun-05

Ohio State Univ. Med. Ctr.

Stolen laptop

15,000

1-Jul-05

Univ. of CA, San Diego

Hacking

3,300

6-Jul-05

City National Bank

Lost backup tapes

unknown

7-Jul-05

Mich. State Univ.

Hacking

27,000

19-Jul-05

Univ. of Southern Calif. (USC)

Hacking

270,000 possibly accessed; “dozens" exposed

21-Jul-05

Univ. of Colorado-Boulder

Hacking

42,000

30-Jul-05

San Diego Co. Employees Retirement Assoc.

Hacking

33,000

30-Jul-05

Calif. State Univ., Dominguez Hills

Hacking

9,613

31-Jul-05

Cal Poly-Pomona

Hacking

31,077

2-Aug-05

Univ. of Colorado

Hacking

36,000

9-Aug-05

Sonoma State Univ.

Hacking

61,709

10-Aug-05

Univ. of North Texas

Hacking

39,000

17-Aug-05

Calif. State University, Stanislaus

Hacking

900

19-Aug-05

Univ. of Colorado

Hacking

49,000

22-Aug-05

Air Force

Hacking

33,300

27-Aug-05

Univ. of Florida, Health Sciences Center/ChartOne

Stolen Laptop

3,851

30-Aug-05

J.P. Morgan, Dallas

Stolen Laptop

Unknown

30-Aug-05

Calif. State University, Chancellor's Office

Hacking

154

10-Sep-05

Kent State Univ.

Stolen Computers

100,000

15-Sep-05

Miami Univ.

Exposed Online

21,762

16-Sep-05

ChoicePoint 

ID thieves accessed; misuse of IDs & passwords.

9,903

(2nd notice, see 2/15/05 for 145,000)

19-Sep-05

Children's Health Council, San Jose CA

Stolen backup tape

5,000 - 6,000

TOTAL

 

 

50,721,749

Just to complicate matters even more, many organizations are now required by laws to keep all of their digital information, including all electronic e-mails, for five or more years.  The obvious burden is the immediate Information Technology (IT) operations required to keep all of this digital information secured and backed up while keeping the vulnerabilities down in an increasingly dangerous environment.

Meanwhile, numerous laws worldwide have been enacted during the last several years aimed at holding corporations and organizations more responsible for protecting the integrity of digital information. But as we’ve seen from the above, these laws have had little effect.

Below are the key laws in the United States regarding the protection of digital information:

 

Region

 

 

Law

 

Digital Information Implications

 

Who's Impacted

US

The Sarbanes-Oxley Act (SOX)

SOX mandates that organizations ensure the accuracy of financial information and the reliability of systems that generate it. Section 404 of SOX requires management to perform an assessment of internal controls over financial reporting and obtain attestation from external auditors on an annual basis. IT systems are inextricably linked with financial reporting, and information security is essential in ensuring the reliability of these systems.

All companies publicly traded in the United States and regulated by the Securities and Exchange Commission (SEC), including US-based companies as well as al