Our Director of Enterprise Sales, Mark Cuneo checked into the FinTech Hotseat, a 15-minute Q&A video series hosted by Strategic Treasurer, a leading treasury consulting firm based out of Peachtree City, Georgia, to talk about protecting high priority data. In the interview, Mark explains why all data should not be treated equally when it comes to enterprise payment security and relays other helpful data security tips every IT team should know about.
We’ve summarized Mark’s top tips below, but if you have a few minutes we encourage to watch the video in its entirety here .
What is high priority data, you might ask? It is the data that if exposed, would cause the greatest damage. Some examples include credit or debit card numbers, security codes and any other personally identifiable information that can be traced back to cardholders.
Encryption works by encoding sensitive information like valid credit card numbers utilizing an algorithm. The problem with this security tactic is, that the coded values can always be decoded and stolen.
Tokenization is a far superior security solution because it works by taking vaild cardholder data and replacing it with a token. A token is not derived from the original value – it is based on a randomized number. This means that even if a data breach does occur and tokens are stolen, the thief will never be able to derive the original credit card number from it.
“To give you an idea of how tokenization works in a different security senerio, imagine someone breaks into your home. You have a safe full of jewelry. The thief cracks into the safe and steals fake jewels. Why does this happen? You thought ahead and proactively prepared for such an incident by taking your real jewels and placing them in a secure vault located within a bank.” – Mark Cuneo
In closing, it is important for enterprise-level organizations to identify high priority data and use measures in addition to PCI compliance to protect it because it is always better to be in a situation where you’re proactively preventing an cyberattack from occurring, rather than franticly reacting to one.
To learn more helpful tips, check out Mark Cuneo’s full interview embedded below.