Blancco’s targeted data destruction software keeps hazardous information waste out of the wrong hands

ATLANTA, January 22, 2008 – Visa estimates that nearly one in every three consumer purchases in the United States is made with a payment card, leading to the exponential growth in information pollution – too much data stored in too many places. According to experts at Blancco, the global leader in data cleansing and end-of-lifecycle solutions, a simple swipe of a credit card presents unnecessary risks alleviated by the implementation of robust data destruction processes.

“Merchants are storing more detailed information than required by credit card companies and are keeping this data longer than required by the U.S. Fair Business Credit Act, leaving consumers open to identity theft and other crimes,” said Markku Willgren, North American vice president of business and sales development for Blancco. “Adding to this vulnerability, the data is often unnecessarily stored in multiple locations, ranging from point of sale (POS) registers to store servers and data centers.”

The Payment Card Industry (PCI) Security Standards Council has set forth numerous security requirements to protect the privacy of customer data.  Yet, according to a recent study by Forrester Research, encryption is increasingly being used as the most common method for compliance.  Encryption and virtual private networks (VPNs) for all transmitted data, however, do not protect the data at rest at either end, leaving information potentially accessible to criminals and hackers.

“Data in transit has become much more secure with the use of encryption, authentication, VPN technologies, secure shell, secure HTTP, WPA, firewalls, and other security measures, especially in the wake of recent high profile data breaches of wireless transmissions,” said Willgren. “However, data at rest in too many locations for too long may become a target for criminals and, over time, weaken encryption protection.”

To minimize the risk to stored data, Willgren offers three suggestions:
· First, merchants should collect only necessary information – such as the credit card number versus complete magnetic strip information.
· Data also should not be stored in the wrong places – credit card numbers should not reside on a Windows POS system after a completed transaction and transmission to a store server.
· Finally, data on the Windows POS system or store server should be permanently destroyed as soon as possible after transfer to the data center.

Scalable Data Destruction Software Keeps Sensitive Data Safe
Permanently destroying data requires more than basic Delete File and Empty Recycle Bin commands, which only remove direct pointers to data sectors and leave data recoverable with common software tools. In addition, the sheer volume of transactions makes these commands too laborious for POS staff or even store and data center IT personnel. The bottom line: Continuous IT housekeeping practices for effective, PCI compliant security require a centrally managed process that automatically destroys sensitive data in a timely manner.

Fully PCI compliant, Blancco’s File Shredder was developed for targeted destruction of sensitive data and allows IT personnel to automate housekeeping tasks with Department of Defense-grade permanent erasure on a time- or event-driven basis. The software leaves operating systems and applications intact on storage devices, while pinpointing sensitive information. Blancco File Shredder also logs the activity and creates documentation, which further supports PCI compliance. And, unlike other Windows desktop products that perform similar tasks, File Shredder scales from desktops and point-of-sale systems to servers and data centers.

“Blancco File Shredder is not an alternative to encryption, but a way to remove data before encryption is required,” said Willgren. “Encryption itself is a computationally demanding process, and the less data a merchant maintains, the less encryption is required. Removing the opportunity for theft by destroying data is better than adding locks.”

File Shredder helps users mitigate the risks associated with a data breach.  By providing ongoing housekeeping for targeted data destruction, the program is a critical tool in PCI compliance programs and an important factor in the reduction of the ever-growing problem of data pollution.

About Blancco
Blancco is the global leader in professional data cleansing and end-of-lifecycle solutions.  The company has sold over seven million licenses and serves users across a wide range of industries, including banking, finance, government, and defense.  Blancco’s advanced data erasure products provide 100% secure hard drive cleansing and support more than 10 international data erasure standards.  The company’s tools also provide the detailed reporting required to meet today’s government, industry and vendor privacy and security mandates.  Blancco’ s data erasure products are available through the company’s website and through resale partners, and are trusted by 41 recycling, refurbishing and remarketing centers across the U.S.  Founded in 1997, Blancco has nine international offices in more than 20 countries. More information is available at www.blancco.com.

Media Contacts:
Rob Connell
Marketing Manager
Blancco Ltd
Länsikatu 15
80110 Joensuu
Finland
Tel: +358 207 433 878
Fax: +358 207 433 859
rob.connell@blancco.com