Encryption or encryption of information is one of the mandatory points of any system today and this increases as the responsibility and the volume of private information that a company has to manage increases. This is why failure to do so is a serious crime worldwide and can result in severe penalties. Otherwise ask Morgan Stanley who was taken a hefty fine for not protecting your hard drives.
One of the most misunderstood markets, but at the same time the most lucrative and the most important, is that of IT, and today thousands of companies handle customer data that they must protect. Therefore, it is not only necessary to have the servers well protected against intruders, but also to have the information well encrypted so that only we can read it and ultimately know how to dispose of unused storage units.
Why was Morgan Stanley fined?
The famous American investment bank received a fine of $35 million by the Securities and Exchange Commission for doing a terrible elimination of all storage units used in their servers. The cause is that they hired a company without knowledge in the matter get rid of hard drives that they contained private and sensitive information of its thousands of customers. In total, there are 42 the number of systems affected.
The bank decided not to respond to the SEC charges, so He did not plead guilty and did not deny the charges.. Simply, he limited himself to paying the fine. Although for this price Morgan Stanley could have invested in more security and all of this experience shows the importance of hardware for data protection, which we tend to despise or ignore.
No data encryption
Although the problem was more serious due to the fact that Morgan Stanley never used any of the data encryption techniques on the hard drives of its servers. Thus, anyone accessing these hard drives can easily get the information and at the same time, this data is vulnerable to third party intrusion on the servers.
It is normal to use specialized hardware to encrypt data In formats like AES-256, this relies on a specialized chip that performs a mathematical formula that converts the binary code on the hard drives to another, such that the data cannot be read. At the same time, the system is accompanied by another chip that performs this function in reverse to be able to recover the data. This allows complete recovery of information locally.
In any case, with the attacks against NVIDIA a few months ago and UBER recently, it becomes clear that companies often ignore these protection methods or rather do not do them and it is necessary to improve security in these cases.
