For all the talk surrounding the data security limitations of the cloud, a recent data loss incident affecting Morgan Stanley Smith Barney served as a reminder that the cloud may not be so limited after all.
According to a Credit.com report, the financial firm recently revealed that it lost the personal information of approximately 34,000 of its customers when two of its CD-ROMs went missing. The disks, Credit.com stated, contained names, addresses, Social Security numbers, account and tax identification numbers and income data about Morgan Stanley's clients.
The company had attempted to mail the CDs to the New York State Department of Taxation and Finance. However, when the package arrived at its destination, the discs were not included, and they are assumed to have been lost or possibly stolen.
According to the news provider, the information on both discs was password protected but not encrypted.
Jim Wiggins, a spokesman for Morgan Stanley Smith Barney, told Credit.com that there was no evidence the data contained on the discs had been misused or that there was any criminal intent behind the incident. However, given the strict data breach regulations for financial institutions, the company may be subject to fines and other sanctions from industry and federal regulators.
The issue of data security has been a pressing one for businesses within the financial industry, especially now that regulators are bearing down more heavily on such companies following the global economic recession.
This trend was highlighted in a recent study from the Ponemon Institute and Novell, which stated that companies that fail to manage certain data pay an average of $2.1 million each year in compliance-related costs. For financial institutions, these costs are even higher, averaging $2.5 million each year.