Safeguarding Personal Information Calls For A More Comprehensive Approach by Financial Services Institutions: Report from TowerGroup

NEEDHAM, MA, August 8, 2007 – New research from TowerGroup finds that businesses are not doing nearly enough to prevent the loss or theft of customers’ personal information. The pace of data loss is quickening across many industries, including financial services, because businesses commonly maintain customer databases that contain personally identifiable information (PII) but do not have clear data-protection policies or technologies in place.

Since the end of 2006, the total of lost records reported has increased 50%. TowerGroup expects the rising loss rate to provoke louder demands from both the public and government for businesses to strengthen data protection and become more financially and legally liable for security breaches.

For years, financial services institutions have been collecting customer and prospect data on purchases, balances, transactions, service interactions, click streams, and marketing responses. Conventional wisdom equated data with knowledge. But the practice of collecting data in an unchecked fashion is leading to more problems than solutions. While the success of multifactor authentication for online account log-ins has reduced the effectiveness of phishing and malware schemes, criminals continue to develop new techniques for committing financial fraud.

Solving the issue of data loss is complex. However, by combining new technologies with basic security practices, companies can dramatically reduce or even eliminate most data loss. In a new research report, TowerGroup outlines the essential elements for more effective data loss prevention programs:

  • Policy formulation, dissemination, and enforcement
  • Data discovery
  • Risk assessment
  • Data consolidation
  • Access control
  • Communication monitoring
  • Encryption

The new report titled “Safeguarding Personally Identifiable Information: Always Use Protection!” by George Tubin, research director of TowerGroup’s Delivery Channels and Financial Information Security practices, provides an overview of standard information security methods and emerging technologies that organizations should use to prevent data loss.

The report is available to qualified members of the press for review. To request a copy or to arrange an interview with Tubin, please contact Thea Linscott at +1.212.455.8045 or [email protected]. Those interested in subscribing to a TowerGroup research service may call +1.781.292.5200 or email [email protected].

At TowerGroup, Tubin’s research covers a range of issues including consumer online banking, online fraud and identity theft prevention, information security strategy, and customer authentication.

About TowerGroup: TowerGroup is the leading research and advisory services firm focused exclusively on the financial services industry. A respected source for trusted information and advice, TowerGroup brings many of the world’s leading financial institutions, technology companies, and professional services firms a deeper understanding of the business and technology issues impacting their organizations. Headquartered near Boston in Needham, Massachusetts, and with offices in North America and Europe, TowerGroup serves a global client base. Visit www.towergroup.com for more information.