Reducing data breach risk through the ‘datensparsamkeit’ approach

Rebecca Merrett


Software design firm ThoughtWorks is urging companies to avoid storing large amounts of unnecessary personal data, following recent data breaches at Target and Neiman Marcus in the United States.

Datensparsamkeit, as it is referred to in ThoughtWorks' latest Tech Radar, is a German word that translates into data reduction, meaning storing only the data that is considered necessary for the business, as opposed to storing anything and everything that might be useful. Reducing the amount of personal data collected and stored also reduces the risk of an attacker getting hold of it, because data that was never stored cannot be stolen.

ThoughtWorks' director of technology, Scott Shaw, gave an example of an online retailer that only stores the first two or three octets of a customer's IP address to reduce the risk of a breach.

"It's not necessary to store the entire IP address to get some information. When segmenting and classifying a customer through an IP address, it's really enough to know it's the same IP address from one visit to another," he said.

Sam Newman, a consultant at ThoughtWorks, said companies can still reap the value in targeting products and services to customers without having to collect endless amounts of metadata.

"Say you are targeting an offer to a person or a group. If you know roughly the area they came from - even though a post code is broad - it still tells you things about the area they come from. You might not need any more than that," he said.

"I worked with one market research company and they actually went further than that [only storing part of an IP address]. Every single month they completely changed the algorithms of the identifier [of a user]. So they only ever tracked a person for a period of a month and could never get very fine details on where that person was. They didn't want to get too specific; they didn't need to know the exact address, a postcode was good enough."
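The two practices described above, keeping only the first two or three octets of an IP address and changing the user identifier every month, can be sketched as follows. This is an added example, not code from ThoughtWorks or the companies mentioned; the function names, the event fields and the use of a keyed HMAC with a per-month key are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress


def truncate_ip(ip: str, keep_octets: int = 3) -> str:
    """Zero all but the first two or three octets of an IPv4 address."""
    if keep_octets not in (2, 3):
        raise ValueError("keep_octets must be 2 or 3")
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    net = ipaddress.ip_network(f"{addr}/{keep_octets * 8}", strict=False)
    return str(net.network_address)


def monthly_pseudonym(user_id: str, month_key: bytes) -> str:
    """Keyed identifier that is stable only while month_key is in use."""
    return hmac.new(month_key, user_id.encode(), hashlib.sha256).hexdigest()[:16]


def minimise(event: dict, month_key: bytes) -> dict:
    """Build the record that is stored; every other field is dropped."""
    return {
        "month": event["timestamp"][:7],
        "visitor": monthly_pseudonym(event["user_id"], month_key),
        "ip_prefix": truncate_ip(event["ip"]),
        "postcode": event["postcode"],
    }


if __name__ == "__main__":
    # Constructed sample data. In use, each key would come from
    # secrets.token_bytes(32) and be destroyed when its month ends, so
    # identifiers from different months cannot be linked afterwards.
    keys = {"2014-01": b"constructed-key-jan", "2014-02": b"constructed-key-feb"}
    events = [
        {"timestamp": "2014-01-14T09:30:00", "user_id": "alice@example.com",
         "ip": "203.0.113.77", "postcode": "2000", "street": "1 Example St"},
        {"timestamp": "2014-01-20T18:05:00", "user_id": "alice@example.com",
         "ip": "203.0.113.12", "postcode": "2000", "street": "1 Example St"},
        {"timestamp": "2014-02-02T11:00:00", "user_id": "alice@example.com",
         "ip": "203.0.113.77", "postcode": "2000", "street": "1 Example St"},
    ]
    for e in events:
        print(minimise(e, keys[e["timestamp"][:7]]))
```

Within one month the same customer maps to the same `visitor` value, which is enough for segmentation; across months the value changes, and the full IP address and street address never reach storage.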

Shaw said location tracking on mobile phones is one of the most useful pieces of metadata a criminal can have on a person.

"That's part of this metadata that we continuously hear about that's being collected. People can't really give consent unless they are informed about what the ramifications are, and I don't think the public really understand how much information about themselves they are giving over to a retailer in order to receive the service that they want."

"I think it's also about plausible deniability," adds Newman. "I don't think any of the companies in Australia want to have to give their information to governments or third parties, and they certainly don't want the risk of that information falling into the wrong hands and then getting in trouble. If you don't store it, you can't be asked for it and you can't get into trouble."
