Learning from Morgan Stanley’s Data Breach

Morgan Stanley Admits to Loss of Unencrypted CDs” reads the latest data breach headline in SC Magazine. I can’t help but shake my head as this could have been easily avoided.  The lost information contained 34,000 client account and social security numbers, among other confidential data.  The CDs were delivered in tact to the New York State department of taxation and finance’s mail room and disappeared somewhere between there and the intended recipient’s hands.

IT departments worry about data security and do their best to put systems in place to prevent this kind of data breach.  So how does it happen?  Some of the biggest risks come from employees who work around an IT mandated solution.  In this case, it looks like there was a file too large for either Morgan Stanley’s, the recipient’s, or both systems’ email restrictions.  For the employee who opted to mail the unencrypted CD, the magnitude of the potential loss and risk involved may have never crossed their minds or took a backseat to Getting the Job Done.

You, as an IT professional, can easily save the day and provide a way for your users to share information and collaborate securely.

In addition to banning CDs, thumbdrives, free dropbox-type of applications, FTP or USB sticks, implementing secure file sharing technology such as Accellion’s helps enterprises securely share files in a way that can be seamless to employees and their intended recipients.  With Accellion, you can track and manage who has sent and downloaded what file, where, and via what device.

Since Accellion supports any file format and size, I suspect Morgan Stanley’s CDs were used to transfer files an Accellion user would’ve been able to send easily.  With Accellion, shared files are stored securely on a server, so issues with the recipients’ email storage limits are also bypassed.  And the file is encrypted in transit and at rest.

Some of the world’s leading financial services organizations use Accellion to protect their sensitive data including: AEW Capital Management, American Capital, Australian Unity, Bank of Scotland, Bank of Spain-Miami (Banco Santander), Cigna WorldWide Insurance Company, Covenant Bank, Deloitte & Touche CA, Georgia Bank and Trust, Farmers Insurance Group, Federal Credit Union, HeathMarkets, IMA Financial Group, Inc., KPMG, MIB Solutions, PFS Global Ltd., Princeton Financial Systems, United Community Bank, ViewPoint Bank and Xpress Holding to name a few.

Financial services firms need to protect their sensitive data in a way that’s easy-to-use for employees and easy-to-manage for IT staff.  Accellion solutions can help.

See All Blog Posts >>