Ukuqala Okusheshayo Kwezingcweti Zezezimali
Ukuphepha kwedatha kuyinkinga enkulu yokukhathazeka embonini yezinsizakalo zezezimali ngoba ihlotshaniswa nezindleko ezinkulu zezezimali nezokuzibiza. I-Cybercrime eqondisa amafemu ezemali isanda.
Ngakho-ke, ukunakwa ezindabeni zokuphepha kwedatha akufanele kuhileleke kuphela amalungu omsebenzi wezobuchwepheshe bezokwaziswa , kodwa futhi nokuphathwa kwezinhlekelele kanye nabasebenzi bokuthobela , kanye namalungu ezinhlangano zezilawuli kanye nezikhulu zezimali eziphezulu.
Ngaphezu kwalokho, ochwepheshe bezokuphathwa kwezezimali kwezinye izimboni kudingeka baxoxisane nezihloko ekuvikelekeni kwedatha, kunikezwe ukutholakala kwezezimali.
Ukuvama nokunyuka kwezindleko ezinkulu zokuphepha kwedatha, ezithinta amabhange, amafemu okutshala izimali, amaprosesa wokukhokha electronic, amanethiwekhi ekhadi lesikweletu, abathengisi abathengisa nabanye, okwenza lokhu kube yindawo okubaluleke kakhulu ukungazinaki lezi zinsuku.
Izinkinga Zokulondoloza Idatha:
Ukuphepha kwedatha ezinkampanini ezamukela ukukhokha ngekhadi lesikweletu namakhadi we-debit kuhilela ukuthatha ukunakekelwa okuningi ngokuphathelene nokukhethwa kwezinqubo zokukhokha nge-elektroniki. Kunamakhulu ezinkampani kulo mkhakha wezamabhizinisi, kodwa kuphela i-subset ilinganisiwe i-PCI Iyavumelana noMkhandlu Wokulinganisa Umkhakha Wezokuphepha Emkhakheni Wokukhokha. Abakhiqizi bekhadi lesikweletu esikhulu (i-Visa, MasterCard, njll) bazama ukuqondisa izinkampani ekusetshenziseni amaprosesa wokukhokha ahambisana ne-PCI kuphela.
Ukulondeka kwedatha mayelana nokuthengiswa kwekhadi lesikweletu kanye nokucubungula ikhadi le-debit, njengama-cash registers, amaphampu kagesi kanye nama-ATM, ngokuya ngokuyekethisa futhi kunzima yizinhlelo zokuba izinombolo zekhadi kanye ne-PINs. Eziningi zalezi zinhlelo zisebenzisa ukubeka okuyimfihlo kwama-chips e-RFID (ama-radio frequency identification chips) ngamasela wedatha kulezi terminals ukuze "ahlole" leyo datha.
Inkampani yokuphepha i-ADT ingumthengisi onika isofthiwe ye-Anti-Skim, edala izexwayiso lapho kutholakala ukuphulwa kwedatha kwalolu hlobo. Ukwengeza, i-Qualified Security Assessor (QSA) ingazibandakanya ukuqhuba inhlolovo yokuthola inkampani kulezi zinhlobo zokuphulwa kwedatha.
Ukulondeka kwedatha kaningi kuxhomeke ekuvikelekeni ngokomzimba ezindaweni zokuxhumana. Lokhu kuhilela ukuqinisekisa ukuthi abasebenzi abangagunyaziwe bagcinwa ngaphandle. Ukwengeza, abasebenzi abagunyaziwe abakwazi ukuvunyelwa ukususa amaseva, ama-laptops, ama-flash drive, ama-disks, amateyipu, ama-printouts, njll, aqukethe ulwazi olubucayi kusuka ezindaweni zenkampani. Ngokufanayo, kufanele kube nokulawulwa kokuqapha ukubuka kwabasebenzi abangagunyaziwe ngolwazi olubucayi olungadingeki ekukhishwe kwemisebenzi yabo.
Ngaphandle kwezivumelwano zokuphepha nezinqubo ezakhiweni zenkampani yakho, imikhuba yabathengisi bangaphandle yokucubungula idatha kanye nezinsizakalo zokudlulisela kufanele ihlolwe. Isibonelo, uma inkampani yangaphandle yesithathu ibamba iwebhusayithi yenkampani yakho, kufanele ukhathazeke ngezinqubo zayo zokuphepha kwedatha. Isitifiketi se-SAS-70 yisimiso esivamile senqubo yokuphepha eyanele mayelana nokuxhumana kwangaphakathi, okudingekayo yi-Sarbanes-Oxley Act yamafemu olwazi lwamahhala olwaziwe obala.
Ukusetshenziswa kwezivumelwano ze-SSL kuyisimo sokuphatha idatha ebucayi ngokuphepha ku-intanethi, njengokufaka kwamanani ezinombolo zekhredithi ngokukhokha kokuthengiselana.
Izindlela Ezinhle Zokuvikela Inethiwekhi:
Izici eziyinhloko zokuphepha kwenethiwekhi ezithinta ukuphepha kwedatha zivikela abantu abaduni kanye nokukhukhula kwamawebhusayithi noma amanethiwekhi. Kokubili iqembu lakho lolwazi lwe-in-house kanye nomhlinzeki wezinsizakalo ze-intanethi (ISP) kumele libe nezinyathelo ezifanele ezikhona. Lokhu futhi kuyinkinga yokukhathazeka mayelana nezinkampani zokubamba iwebhu nezinkampani zokucubungula izinkokhelo. Bonke laba abathengisi bangaphandle kumele bakhombise ukuthi yiziphi izivikelo abanakho.
Futhi, imikhuba engcono kakhulu ekhombisa ukuthi kunamakhompiyutha wedatha yakho yenkampani, izikhungo zedatha, kanye nokuphathwa kwedatha yizo ezifanayo okufanele uziqinisekise zikhona kuzo zonke abathengisi bangaphandle zokucubungula idatha, ukukhokha izinkokhelo, izinethiwekhi kanye nezinsizakalo zokubamba iwebhusayithi.
Ngaphambi kokungena kunoma iyiphi inkontileka nomhlinzeki wesithathu, kufanele uqiniseke ukuthi unezitifiketi ezincane ezifanele ezivela ezigumbini zangaphandle ezizimele (njengoba kuchazwe ngenhla) futhi uzinikele ngokuzikhandla kwakho, okuholwa ngabasebenzi bezobuchwepheshe benkampani yakho ngolwazi olufanele noma ngabaqondisi abangaphandle abaqeqeshiwe.
Njengokucatshangelwa kokugcina, kungenzeka ukuthenga umshwalense ngokuphathelene nezindleko ezihambisana nokuphulwa kwedatha. Izindleko ezinjalo zihlanganisa izinhlawulo nezinhlawulo ezikhokhwa ngamanethiwekhi amakhadi esikweletu (njenge-Visa ne-MasterCard) ngenxa yokwehluleka okunjalo, kanye nezindleko abazibeka kubanikezeli bekhadi (ikakhulukazi amabhange, izinyunyana zemalimboleko kanye namafemu okuphepha) ngokukhansela amakhadi esikweletu namakhadi , ukukhishwa okusha nokwenza amalungu ekhadende lonke ngenxa yokuphulwa okubangelwa yinkampani yakho, izindleko abazozama ukuzikhokhela enkampanini yakho.
Umshuwalense onjalo ngezinye izikhathi ungahlinzekwa ngokukhokha amafemu, kanye nokutholakala ezinkampanini zomshuwalense ngqo. Ukuphrinta okuhle kulezi zinqubomgomo kungenziwa ngokuningiliziwe, ngakho ukuthenga umshuwalense onjalo kudinga ukunakwa okukhulu.
Umthombo oyinhloko: "Ukudambisa imininingwane ye-Breaches," i- Forbes , ngo-7/18/2011.