Online merchants may need to take steps to ensure the internal security of the data they hold.
According to Paul Kenyon, chief operating officer of Avecto, address data and other sensitive information should only be accessible to those who need it.
What this means in practice is that data management processes must impose strict guidelines on database administration rights, Mr Kenyon explains.
He went on: "What we see in many organizations is, because it is virtually impossible to manage user privileges based upon the individual roles or requirements, what inevitably happens is [that] you usually get given admin rights."
Seth Robinson, author of the CompTIA report Trends in Cloud Computing, suggests that companies are starting to become more aware of data security issues - especially as many look to take advantage of the cost benefits of using virtualized data storage.
Posted by Paul Newton