Do We Really Need To Encrypt Our Customer Data?

by drjim on December 16, 2015

Just how secure do we need to keep our data?

Image Credit: Michelangelo Carrieri

Guess what: there’s been another hacker break-in. This time it happened at the big U.S. healthcare provider Anthem. Nobody’s quite sure how big a breach it was, but initial guesses are that tens of millions of customer records may have been copied by hackers. What makes this break-in even worse is that Anthem didn’t bother to encrypt the customer data that was sitting in their database. This means that the thieves got valid social security numbers that they could use for all sorts of bad things. What should the person with the Anthem CIO job have done?

The Case For Encrypting Customer Data

Somewhat amazingly, Anthem stored customer data, including social security numbers, for over 80 million of their customers unencrypted in a database. What was their CIO thinking? If Anthem had taken the time to scramble or encrypt the social security numbers that they were storing, then when the hackers broke in, the stolen numbers would have been less valuable to them and harder to use in bulk.

The shortcomings of Anthem’s customer data storage decisions were revealed when they were hacked. It was discovered that hackers had broken in and had made off with copies of the healthcare data records for tens of millions of Anthem’s customers. It is believed that this may be the single largest data breach that has ever been disclosed by a health-care company. The hackers were able to gain access to Anthem’s systems by using a stolen employee password to access the database where the social security numbers were being kept.

The question that Anthem’s CIO has been wrestling with is whether it is really worth it to use information technology to transform their corporate network into a locked-down security zone. There are many different things that a company can do in order to secure its customer data. These include using random pass codes, limiting access to their databases from outside of the office, or using some form of complex math to scramble their customer data. However, all of these approaches come with their own set of drawbacks.

The Case For Not Encrypting Customer Data

Why ever would a CIO consider not encrypting customer data? The answer to that question is pretty simple: there is a cost associated with encryption. CIOs are tasked with striking a careful balance between keeping customer information secure and at the same time making it useful to the company’s employees who want to use it.

If Anthem had gone ahead and encrypted its customer data, then it would have become harder for its employees to track health care trends or share data with both state and other health care providers. When data is encrypted, the company’s applications that access that data will slow down. Sometimes the slowdown will be so noticeable that the data becomes virtually unusable.

Anthem understands that it is required to maintain a customer’s social security number in their system so that the member can be uniquely identified. They also understand that when the data is outside of the database, they have to keep it secure. That’s why Anthem encrypts customer data when it moves in or out of its database. However, it is not encrypted when it is being stored in the database. Anthem uses other measures, including elevated user credentials, to limit access to their customer data when it is being stored in the database.
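
An added example, not from the original post or from Anthem: one way to "scramble" stored social security numbers while still identifying each member uniquely is to store a keyed hash (HMAC-SHA256) of the number in place of the number itself, which is keyed hashing rather than reversible encryption. The key, table layout, function names and sample members are constructed for illustration, and the key is assumed to be held outside the database.

```python
import hashlib
import hmac
import sqlite3

# Constructed demo key. Assumption: the real key is held outside the database
# (for example in a key-management service), so a database copy alone lacks it.
INDEX_KEY = b"constructed-demo-key"

# Constructed sample members; the 000 area number is never issued for real SSNs.
SAMPLE_MEMBERS = [
    ("000-00-0001", "Alice Example", "HMO"),
    ("000-00-0002", "Bob Example", "PPO"),
    ("000-00-0003", "Carol Example", "HMO"),
]

def ssn_token(ssn, key=INDEX_KEY):
    """Return a deterministic keyed token (HMAC-SHA256) for a nine-digit SSN."""
    digits = "".join(ch for ch in ssn if ch in "0123456789")
    if len(digits) != 9:
        raise ValueError("SSN must contain exactly nine digits")
    return hmac.new(key, digits.encode("ascii"), hashlib.sha256).hexdigest()

def build_db(members=SAMPLE_MEMBERS):
    """Create an in-memory table keyed by the token; the SSN itself is never stored."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (ssn_token TEXT PRIMARY KEY, name TEXT, plan TEXT)")
    db.executemany(
        "INSERT INTO members VALUES (?, ?, ?)",
        [(ssn_token(ssn), name, plan) for ssn, name, plan in members],
    )
    return db

def find_member(db, ssn):
    """Look a member up by SSN: tokenize the input, then match on the token."""
    return db.execute(
        "SELECT name, plan FROM members WHERE ssn_token = ?", (ssn_token(ssn),)
    ).fetchone()

def plan_counts(db):
    """Trend-style report that needs no identifier at all."""
    return dict(db.execute("SELECT plan, COUNT(*) FROM members GROUP BY plan"))

def stored_text(db):
    """Everything a copy of the database would contain, as SQL text."""
    return "\n".join(db.iterdump())
```

Because the token cannot be reversed, a system that must reproduce the original number would also need a separately encrypted copy of it.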

What All Of This Means For You

What seems like a very clear case of the person in the CIO position not doing his or her job in the case of the Anthem data breach turns out to be a bit more complicated. We do know that hackers gained access to Anthem’s network and then, by using some sophisticated tools, were able to access the health care records of tens of millions of Anthem customers. These records were stored in an unencrypted format in the Anthem database. It’s not clear if they should have been encrypted.

Clearly, if the records had been encrypted then their value to the hackers would have been much less. However, the CIO brings up the good point that encrypting the data would make it much harder to manage and to exchange with other organizations that wanted to use it. Additionally, the hackers may still have been able to access it using different types of tools.

What CIOs need to understand is that their responsibility is to ensure that their customer data is kept secure. This means that they need to prevent hackers from being able to break into their networks in the first place. However, in the case that hackers do breach the company’s walls, the CIO needs to take steps to make sure that no confidential customer data can be stolen.

– Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™

Question For You: If customer data is stored in an encrypted format, what would be the best way to exchange it with a business partner?


What We’ll Be Talking About Next Time

Guess what CIO: there is a revolution that is just starting in the world of computer networking. Sure, you know about the importance of information technology but are you going to be ready for this? For the longest time, we’ve all been building our networks in pretty much the same way: we go to a big equipment vendor such as Cisco, Juniper, HP, IBM, etc. and buy a bunch of boxes. We then string them together, get some expensive software and then sit back and hope that everything connects together. It turns out that there is a better way to do all of this.


Craig November 22, 2016 at 8:16 am

Nice article, although I’m not sure encryption is always the right answer in these cases. Encryption is great for data that is carried on laptops and mobiles that might get stolen. But when you’re talking about enterprise server-side applications, it’s a whole kettle of fish, as so many people need access to the data you can never really say it’s encrypted.

I’m no expert, but this blog post explains it better than I can: https://intruder.io/blog/posts/why-encryption-is-not-the-answer


drjim November 24, 2016 at 9:09 pm

Craig: both you and the article that you referenced do bring up a good point — encrypting internal data opens a whole can of worms. However, if someone gets into your network, the last thing that you want to do is to make it easy for them to walk off with the company’s “crown jewels”. Protecting your most valuable data just might be worth the extra hassle that encrypting will cause…
