Much if you want to talk about information leaks, information sales, misuse of information and so on …. personal data in the digital world are becoming more common everyday right? What is being useful for this breakthrough? Are we ready to migrate to the “cloud”?
These are sometimes inspired by all the things they develop anywhere, from systems to desktop localization systems, but it’s true! Does the whole system have personal data or not, and can that data be stolen and sold?
The many ways to measure the impact of information leakage, such as the OWASP Risk Rating Methodology, which explains risk measures and impacts.
Empty my clients and now?
Every company should follow the procedures for leakage cases and develop its safety protocol. The damages depend on the nature and is an opera of the company. Institutions are more impacted by nature. Let’s look at an example of the impact of leaking information that affects a digital bank:
the Public Prosecutor’s Office asks for a condemnation of the payment of R $ 10 million, a title of indemnity, the reason why are not taken care to ensure the personal data security of its customers and non-customers.
So the impact of lack of security on a company is gigantic, but are not the risks? In the security tests? In the training of developers for the development of security-guided?
The result of your company can be this too! Remember that security testing is functional! Why are not they validated?
Law No. 12,737 / 2012 (Call of Law Carolina Dieckmann) prohibits any type of invasion test, provided that this production is consented by the owner of the information device or information.
More about the law
Therefore, no invasion tests are done on devices / systems that are in Brazil, there are countries that are within reach of your efforts, you can make money! Stay tuned!
Like it? Leave your comment and help improve this series of posts to come!
Translated by: Google Translate