Could the Theft of Millions of Credit Card Numbers Have Been Prevented?; Ingrian Networks Issues Statement On the Importance of Complete Transaction Privacy.Business Editors/High-Tech Writers REDWOOD CITY Redwood City, city (1990 pop. 66,072), seat of San Mateo co., W Calif., on San Francisco Bay; inc. 1868. Manufactures include commmunications, electrical, electronic, and medical equipment. , Calif.--(BUSINESS WIRE)--Feb. 19, 2003 Ingrian(TM) Networks, the leading provider of e-Transaction Privacy(TM) for Internet-powered businesses, today warned that most companies doing business over the Internet may be vulnerable to the same kind of attack that has now affected millions of Visa and Mastercard users. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Ingrian, IT security infrastructures must be bolstered with additional safeguards to thwart these types of attacks. "Most businesses, including the companies affected in this case, already take information security very seriously," said Jim Vogt, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Ingrian Networks. "And yet they and their customers become victims of very serious attacks. Why is that?" The problem, according to Vogt, is that traditional security technologies are inadequate against these types of security breaches. "Tools like firewalls and intrusion detection systems This article is about the computing term. For other uses, see Burglar alarm. An intrusion detection system (IDS) generally detects unwanted manipulations of computer systems, mainly through the Internet. are important, but the reality is that hackers know how to bypass those defense systems. Businesses must recognize that and apply additional safeguards inside the firewall." So what else is needed? Vogt and Ingrian believe the answer lies in the protection of the data itself. "We've seen a lot of market data that suggest businesses are often providing inadequate protection of the sensitive business and personal data that is processed and stored on their internal servers and databases," explained Vogt. "That data is often stored unprotected, in a format that is easily readable by any hacker A person who writes programs in assembly language or in system-level languages, such as C. The term often refers to any programmer, but its true meaning is someone with a strong technical background who is "hacking away" at the bits and bytes. that penetrates the system. Or, if the data is encrypted en·crypt tr.v. en·crypt·ed, en·crypt·ing, en·crypts 1. To put into code or cipher. 2. Computer Science , the cryptographic cryp·tog·ra·phy n. 1. The process or skill of communicating in or deciphering secret writings or ciphers. 2. Secret writing. cryp keys are stored on the same system as the data itself. Either option leaves sensitive data extremely vulnerable to theft." The solution, according to Ingrian, is to ensure complete privacy of all sensitive Web transactions, starting when the remote Web user logs onto the network and ending when the transaction data is safely stored on internal systems. To accomplish that, transaction privacy operations and cryptographic services should be managed by a specialized, secure platform so that sensitive data, such as credit card numbers, are automatically encrypted and protected in transit across the Internet and in storage on systems inside the firewall. Just as important, the cryptographic keys should be stored on the secure platform, rather than being accessible on servers. "This is really Ingrian's mission as a company," said Vogt, "to ensure complete privacy of all Web transactions and thus help businesses protect their key information assets." So the question is, could Ingrian have helped prevent the latest theft by hackers of millions of personal credit card numbers? "At this point, the public has not been provided with enough information about how and where the security breach took place," explained Vogt. "However, we do know this. If the theft involved a security breach of corporate application servers and databases, either from an internal or external Web interface, Ingrian's e-Transaction Privacy solutions would have secured that data, rendering it unreadable by hackers - even if the entire physical server was stolen - because the data would have been securely encrypted and the cryptographic keys would have remained safely locked on Ingrian's platform." Ingrian Networks will be discussing the issue of information protection in more detail during an upcoming Webcast on how businesses can help minimize the risk of customer identity theft, scheduled for March 13, 2003. For more information and to register for the Webcast, visit www.ingrian.com. About Ingrian Networks Ingrian(TM) Networks delivers on the promise of e-Transaction Privacy(TM), enabling forward-looking businesses to protect their applications and data in transit across the Internet and in storage on internal servers and databases. The company's comprehensive application security solutions consist of patent-pending security software integrated into a family of secure transaction platforms. The result is complete, end-to-end privacy of all Web-based transactions, including e-commerce, e-mail, ERP (Enterprise Resource Planning) An integrated information system that serves all departments within an enterprise. Evolving out of the manufacturing industry, ERP implies the use of packaged software rather than proprietary software written by or for one customer. , and more. Ingrian is a privately held company privately held company A firm whose shares are held within a relatively small circle of owners and are not traded publicly. backed by such investors as American Express American Express (NYSE: AXP), sometimes known as "AmEx" or "Amex", is a diversified global financial services company, headquartered in New York City. The company is best known for its credit card, charge card and traveler's cheque businesses. (NYSE NYSE See: New York Stock Exchange :AXP The brand name Digital gave to its first family of Alpha-based computers. In 1998, Digital was acquired by Compaq. See Alpha. ), JAFCO Ventures, Partech International, and Prism Venture Partners. For more information, visit www.ingrian.com. |
|
Printer friendly
Cite/link
Email
Feedback
Reader Opinion