How Bank of America is prepping for a data breach

To understand how information moves through a company and all its associated business partners, mapping data's journey through the business supply chain can help pinpoint weakness or areas where it may be easier for outsiders to access data.

These data maps include where hand-offs and data exchanges to outside partners occur, said Ed McAndrew, assistant U.S. attorney at the U.S. attorney's office for the district of Delaware. Mr. McAndrew was speaking at the ALM cyberSecure conference in New York earlier this week, according to the Wall Street Journal. Mr. McAndrew likened these data maps to the Marauder's Map of the Harry Potter series which shows where people are at all times, and when they are moving.

According to the WSJ, Bank of America creates these data maps — and requires them from all third party partners and vendors — to have an overarching view of data movement. JoAnn Carlton, general counsel for Bank of America, also was speaking at the conference and said she would stop working with third-party partners like vendors and suppliers if they don't assume responsibility for the bank's data when it goes through their systems.

"I was called into a meeting where a vendor didn't want liability in the contract," Ms. Carlton said at the conference. "My first question was what data of ours do they have access to. If it's [personally identifiable information], we're walking away."

More articles on data breaches:

90% of non-health industries experience PHI breaches: 6 things to know
VA to Congress: Cybersecurity & data breach update
UW Medicine reaches $750,000 HIPAA settlement for 2013 breach

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Webinars

Featured Whitepapers