Target data breach analysis: What we need to change

Let us ruminate on how critical financial information systems (FIS) are to a company and how fragile the security systems around them really are. Consider the data breach at Target a few Christmases ago, in 2013. Around 40 million credit card details were stolen, and Target CEO Gregg Steinhafel had to end his 35-year career with the company. It cost the company $252 million in total; after insurance reimbursement, the losses fall to $162 million. For the customers, the possibility of financial losses due to identity theft is still high. Here is a flow table explaining how it occurred (from bloomberg.com):

As the professor explained last class, a good way to fortify your FIS is at the entry point itself. To avoid such hacks, we can encrypt critical information before storing it in the system. While the rest of the world migrated to chip cards long ago, their adoption in the US has been slow and bumpy. Did you know our credit card number and other details are stored on a magnetic stripe card without encryption? We still continue to use these cards in merchant stores and gas stations, exposing critical financial information to hackers every day. On that note, I'd like to start our foray into FIS by stating that the system we create is only as reliable as the data we feed it and only as secure as the measures we take to protect it.
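As an added example (not part of the original post), here is a check a defender could run over logs or stored files to find magnetic-stripe Track 2 records kept in cleartext and mask them before they are retained. It assumes the Track 2 layout from ISO/IEC 7813; the function names and the sample log lines are constructed for illustration.

```python
import re

# Track 2 layout (ISO/IEC 7813): ;PAN=YYMM + service code + discretionary data?
TRACK2 = re.compile(r";(\d{12,19})=(\d{4})(\d{3})(\d*)\?")

def luhn_ok(pan: str) -> bool:
    """Luhn checksum; filters out digit runs that only look like a card number."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def mask(pan: str) -> str:
    """Keep the first six and last four digits, hide the rest."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]

def find_cleartext_track2(text: str) -> list:
    """Return the masked PAN of every Luhn-valid Track 2 record in text."""
    return [mask(m.group(1)) for m in TRACK2.finditer(text) if luhn_ok(m.group(1))]

def redact(text: str) -> str:
    """Replace each Luhn-valid Track 2 record with a masked marker."""
    def _sub(m):
        if luhn_ok(m.group(1)):
            return "[TRACK2 " + mask(m.group(1)) + "]"
        return m.group(0)       # not a card number: leave the text untouched
    return TRACK2.sub(_sub, text)

# Constructed sample log lines; 4111111111111111 is a widely used test number.
SAMPLE_LOG = """\
10:02:11 pos-07 swipe ok raw=;4111111111111111=25121010000000000000?
10:02:15 pos-07 order ref=;1234567890123456=99990000? (fails Luhn, not a card)
10:03:40 pos-07 swipe ok token=tok_9f2c (no raw track stored)
"""

if __name__ == "__main__":
    print(find_cleartext_track2(SAMPLE_LOG))
    print(redact(SAMPLE_LOG))
```

The Luhn filter keeps the false-positive rate down on order numbers and other long digit strings that happen to fit the track pattern.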