With encryption, sensitive data remains in your business systems - it's encrypted (and of course, can be decrypted). With tokenization, sensitive data is replaced with randomized values in the same format and then completely removed from your business systems and securely vaulted offsite.
For a more detailed description of the differences, grab the short comparison document, below.
• Identity theft accounted for 69% of all data breaches.
• US $20 is the average price for a stolen identity record.
• Despite 45% of American companies that had a ransomware breach paying-off the hackers only 26% of them had their data released.
• A Data breach is one of the top 3 causes of brand damage.
• Tokenization removes the ability to use data when a network is breach
• US $148 cost per Stolen Record Global Average
• $233 per Capita Cost in the U.S.
• $7.9M per Data Breach in the U.S.
• $4.2M lost business
source: Ponemon 2018 Cost of a Data Breach
• 1 out of 4 will experience a breach
• 668 Data Breaches in U.S. in 2018
• 22.4MM Compromised Records
Tokenization and encryption are often mentioned together as means to secure information when it’s being transmitted on the Internet or stored at rest. In addition to helping to meet your organization’s own data security policies, they can both help satisfy regulatory requirements such as those under PCI DSS, EU GDPR or the Australian Privacy Act and Regulations.
While tokenization and encryption are both effective data obfuscation technologies, they are not the same thing, and they are not interchangeable - and of course you can use both in your efforts to protect your data. Each technology has its own strengths and weaknesses, and based on these, one or the other should be the preferred method to secure data under different circumstances. In some cases, such as with electronic payment data, both encryption and tokenization are used to secure the end-to-end process.
•Completely removes sensitive data from ecosystem
•Reduces complexity for companies with flat networks
•Supports burst peak times with horizontal and vertical scalability.
Cloud Saves Money
•Provides data security at a lower cost than buying or building in-house solution
•Reduces hardware, maintenance & personal costs
•Volume-Based Pricing; no transactional, maintenance, or support fees.
So you store all of your customer's details on a CRM in the cloud and the vendor encrypts it all for you - you don't have to worry, right? Maybe not. Encrypting the data is certainly better than just plain text, but encryption can be broken - some easily! Don't leave your company's reputation at the mercy of a cloud provider who is offering you a solution at the cheapest price!
By all means, leave the bulk of customer data in the cloud system, but why not tokenize just the few critical fields that identify your customer and store those tokens in the system - a little extra effort but significant extra security. Have a read of our eBook on the issues, below.
Copyright © 2019 AwareIT - All Rights Reserved.
SYDNEY & MELBOURNE