The market for enhanced data security solutions is surging as higher standards in the payment card industry require vendors to follow stricter security measures to protect sensitive information.
Under regulations established by the "Payment Card Industry Data Security Standard" (PCI-DSS), headed by major credit card companies, any company dealing with credit card transactions is required to implement precautionary measures to protect digital information such as name, birthday, address, and credit card number.
The major PCI-DSS tenets emphasize installing a Web application firewall and encrypting data, which analysts predict could push the global average of companies protecting this type of information to 38 percent.
Experts in Israel however, don't think the country will follow suit. "We found that Israeli companies had high level security systems for preventing external breaches," said Jonathan Turetsky, head of business development for Secure Trends, "but if everything failed, they didn't have protection on the core data."
Secure Trends, the distribution division of Hilan Tech Limited, last month signed a deal to exclusively market the products of the security company Protegrity in Israel.
Protegrity hopes to fill this critical security gap in the Israeli market. The company has a product set ranging from encryption, policy management, role separation, Web application firewalls, and Web application monitors. "Protegrity has a very impressive data protection strategy," Turetsky said.
"Secure Trends knows the (Israeli) market very well," said Gordon Rapkin, CEO of Protegrity, adding that the company plans to market their products to high-level management in an effort to implement Protegrity products company-wide.
"The average cost of a security breach is $180 per customer, compared to $5 per customer cost to properly secure data," Rapkin said." Every time a breach occurs, such as a major incident last year when hackers stole some 45 million customer records from retail giant TJX, companies see the importance of protecting data," he added.
Data protection, traditionally focused on preventing external breaches, is shifting to a broader approach, Turetsky noted. "There's a new wave of security threat that is coming from within the company," Turetsky said. Rapkin added that as much as 70% of breaches are from internal sources.
"The credit card information may be worth way more to the employee than their salary," he said. "I see a lot of data theft because (companies) operate on trust."
"Every time a consumer gives out their valuable personal information, there's an opportunity for tech-savvy criminals to make money, Rapkin explained, "and they are always innovating to find new ways to hijack valuable information - they make plenty of money and don't go to jail."
The solution is for companies dealing with this type of information to operate on a "need-to-know" basis where only authorized employees can view information when necessary, Rapkin said. He added, however, that it's even better to encrypt data when possible, while pointing out that Protegrity's software can show an alert even if an authorized employee views sensitive information at a conspicuous time.
"Trust is not a policy," he proclaimed.