Last updated: 28 July 2016
The End of Support (EoPS) for entrenched solutions can amplify a variety of issues including non-compliance, the threat of a breach, or even financial troubles, especially when those products are managing critical key management and encryption security functions.
With the RSA Data Protection Manager (DPM), BSAFE, and tokenization client EoPS looming in the near future, does your company have a plan as September 2017 quickly approaches?
Let’s explore the risks associated with not migrating from your current RSA implementation and working with unsupported products:
#1. No Support and Limited Product Updates
Without support, you cannot trust that your enterprise key management, APIs, and tokenization functions are running in a secure manner, that they have not been compromised, and that you are not leaving yourself exposed. It is common practice for End of Life (EoL) product support teams to be disbanded and dispersed to other business lines, leaving you without proper support even prior to the EoPS period.
Product support and updates keep your on-premises, virtual, and cloud-based data assets safe. It is vital that a company ensures its operating systems, software, and security procedures are regularly updated so that one can address new vulnerabilities and meet regulatory compliance requirements. Doing so is a large step in defending against the majority of network security threats.
The Home Depot Breach is an example of a breach due to using out of date software in its stores. The biggest data breach in retailing history compromised of 56 million customer credit cards. Privacy Analytics infographic estimates that a company will spend $208 per person after a breach, therefore, the cost to Home Depot is 56 million x $208 = $11,648,000,000, plus fines.
Regardless of your industry and its associated compliance mandates such as SOX, NIST, HIPAA, PCI-DSS, and more, adhering to the standards, industry laws and regulations, and following best practices strengthens your IT security. As new technologies such as cloud emerge, so do new forms of attacks that require different defences. Penalties for non-compliance can include payment for damages, legal fines, and loss of customers, resulting in damage to your reputation and business opportunities. Put yourself in a position where you can better protect your clients and assets by working with supported and proven IT security solutions.
An example of a breach suffered due to non-compliance is Anthem. In February 2015, health insurance company Anthem suffered a data breach that compromised an estimated 78 million people. 78 million x $208 = a cost of $16 billion to Anthem, not including fines.
#3 Increased Costs and Loss of Reputation
The cost of migrating your security infrastructure is next to nothing in comparison to the extent of damage and loss of reputation suffered by companies that have been breached. Staying compliant will reduce costs by streamlining processes and solve the challenge of repeatedly having to deal with the same types of issues. Downtime, loss of control, and increased costs go hand in hand with a breach, destabilizing your company and customer trust. Avoid the irreversible damage to your reputation and increased costs of a breach by being proactive and migrating to supported products.
MyBizHomepage is an example of a company that went out of business due to a breach. The online company that was once valued at $100 million was attacked by disgruntled ex-employees that crippled the site. After the company spent over $1 million in an attempt to resolve the breach, the company’s board decided to take the site down because it had been rendered useless.
#4 Increased Breach Risk
Breaches happen, so in planning for the inevitable you need to ensure you have the most current technologies and processes in place. It is hard enough for organizations to protect, detect and respond to a breach, so why add to an already existent risk. Staying up-to-date is just good practice – avoid a gap in security.
Sony’s out-of-date software assisted hackers in gaining access to pre-release movies, people’s private information, and sensitive documents. Sony’s servers were outdated and unpatched, helping hackers gain access to their systems, and resulting in a cost of somewhere between $15 and $35 million.
What are you waiting for? Take action now!
Unsupported products leave you exposed to a variety of vulnerabilities that can cost the company its reputation, complicate both internal and external audits, present compliance violations, and increase both the time and dollars required to manage an IT security infrastructure. Why risk it?
Learn how Gemalto can help mitigate your risks with SafeNet KeySecure centralized key management, SafeNet ProtectApp for encryption of application data, SafeNet Tokenization for protecting sensitive information, and Gemalto’s full suite of SafeNet Data Protection Connector products including file, database, and virtual machine encryption.
Begin your migration efforts now to navigate the issues that could arise, properly whiteboard your migration, and ensure you have time to for proper testing. Gemalto offers proven experience with successful RSA DPM, BSAFE, and tokenization migrations under our belt. We will help you understand what the impact of not migrating means to your business, and how you can avoid raising those red flags.