According to a 2014 Experian industry forecast, the number of data breaches will continue to rise. IBM's study on data breaches reveals that the average cost to a US organization is $201 for each compromised customer record. With an average of 29,000 records compromised per incident, the cost of a data breach can reach well over $5 million.
In addition to the significant financial obligations which result from a security breach, there is an acute loss of trust between an organization and its customers. Fallout from the Target breach comes to mind.
To mitigate the effects of data breaches, and help BFSI and other organizations managing credit card data comply with PCI DSS rules, IRI FieldShield protects primary account number (PAN), or credit card number values (along with other data at risk) in databases and files. Applicable FieldShield functions are strong encryption, SHA-2 cryptographic hashing, and tokenization.
FieldShield GUI users apply their choice of protection functions to PAN and other columns in an intuitive, efficient, and flexible manner under Eclipse. For example, specification of an encryption cipher with a pass-phrase occurs in a simple dialog:
In this example, format-preserving encryption is used to comply with PCI, to ensure that no changes are required to the table or database structure and to possibly deceive hackers into thinking they have actual PANs.
These easy, yet powerful functions of FieldShield can also help you limit the financial and operational impact of a data breach. For example, Steam, a gaming distribution platform, suffered a data breach. As significant as the breach was, the overall impact to Steam was limited because the credit cards were encrypted.
FieldShield provides simplicity, affordability, and peace-of-mind in securing credit card data at rest. It helps organizations meet the PCI DSS v3 requirements for protecting stored cardholder data, while mitigating the risk of data loss.