The One Thing You Should Do to Make Your Database More Secure

Every day, we hear about another big data breach. Last year, Yahoo! revealed that 500 million user accounts had been breached. eBay had 145 million accounts compromised. The numbers are getting so big, we’re numb to them.

In some cases, sensitive data was leaked. In others, millions of emails are getting a new flood of spam.

If Yahoo!, the White House, eBay, Anthem, OPM and NATO can get hacked, how can organizations like yours stand a chance and secure your members’ data?

Here at Matrix Group, we believe that every organization needs layers of security so that if one layer (e.g., a firewall) is breached, there is another and another.

But here’s one simple thing you can do to make your database more secure: make sure your user passwords are encrypted.

Why do this? If a server has been compromised, aren’t the individual passwords that least of our worry? Not really.

It turns out most people reuse passwords. Which means if one of my passwords gets hacked AND the password is not encrypted, hackers can try my username and password combination on other sites, including online banking and eCommerce sites.

I hear from clients who say they get many customer service calls from members who forget their passwords. They want to be able to view a member’s password so they can provide good customer care. While I understand this, I don’t think helping out a few hundred members a year is worth the risk to the other tens of thousands. Any database worth its salt has a password reset, which you can easily send to members.

If the passwords in your membership database are not encrypted, please, please ask your vendor to do so ASAP. Don’t wait. Don’t hesitate. Do it now!

 

Joanna Pineda

About Joanna Pineda

Joanna’s business card reads CEO/Chief Troublemaker for a reason. She relishes a challenge and introduces change wherever she goes. She knows anything is possible and that clients come to Matrix to hear "Yes", not "No." Matrix is purple because of Joanna. Staff like to call her JP.

One thought on “The One Thing You Should Do to Make Your Database More Secure

  1. Totally agree. This is a huge security hole. Many of my clients have now moved to encrypting passwords, but not all of them are there yet.

Leave a Reply

Your email address will not be published. Required fields are marked *