https://www.csoonline.com/article/3394048/200-million-record-breach-why-collecting-too-much-data-raises-risk.html
By J.M. Porup
Senior Writer
CSO
May 14, 2019
If you don't collect it, no one can steal it.
Sometimes the best way to secure customer data is not to collect it in the
first place. While it can be tempting to "collect it all" just in case, most
enterprises need far less data on their users to market to them effectively.
Reducing the amount of data collected means that in the inevitable event of a
breach, the repercussions will be far less severe.
"One of the things we're hearing from consumer brands is that they're doing
less," Gerry Murray, director of marketing and sales technology research at
IDC, says. "They're becoming more thoughtful about 'what do we want to know
about you?'"
"For most commercial purposes you don't need to know that many things about a
person, and sometimes you're better off not knowing," he adds.
The apparent breach of a 200 million-record direct marketing list that appears
to originate from a 2015 opt-in list puts the issue into focus.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
