With the onset of public use of the Internet and the World Wide Web, secure handling of sensitive data has become a very important issue. Hackers have become very sophisticated in their techniques for accessing sensitive data stores. It has become more and more common for these hackers to steal and use for illegal purposes, such data stores, which can include private information such as social security numbers, driver's license numbers, calling card numbers, bank account numbers, and credit card numbers. Legislatures have responded to identity theft by enacting laws requiring businesses that store sensitive data to perform certain steps to ensure a particular level of integrity of the data. For example, a law may require a certain level of encryption or firewall protection, or the law may require that if data is compromised, a keeper of the data store so compromised may be required to inform all owners of the compromised data of the breach so that they may take appropriate steps such as informing credit bureaus to issue a fraud alert for their credit records, as well as monitoring their credit records for fraudulent activity.
A common method of storage of sensitive data involves encrypting the data and storing it in a database. Thus, data regarding a particular entity, such as a customer, is stored in common facilities. To access the data, a hacker need only figure out how to break in to the facility and how to decrypt the data, and the hacker would then have enough information to be able to make fraudulent use of the data. For example, if a hacker broke into a telecommunications client's database and managed to obtain a customer's identity and card number, the hacker might be able to fraudulently make thousands of dollars of calls using the information.
Therefore, there is a need for more secure storage of sensitive data.