Are you running an EMC CLARiiON array with the export encryption option licensed? What works on your desktop isn't really comparable to what Morgan Stanley had on the datacenter floor 10 years ago.
Yeah, but they don't have millions of dollars available and they don't store personal information of millions of people. Morgan Stanley is and was clearly able to afford this license and if you need to handle data this sensitive, you must meet the necessary precautions.
Just because the company has money, doesn't mean the department or line of business does. I didn't read the report but wouldn't surprise me if this was some acquisition infra (it would explain why they hired a moving company)
Building a nuclear reactor without shielding is not okay just because the business department responsible for the construction doesn't have it in their budget this year. If you can't afford to encrypt this amount of data, you can't afford to store it, end of story.
> I didn't read the report but wouldn't surprise me if this was some acquisition infra (it would explain why they hired a moving company)
I didn't read it yet, either, but this seems unlikely - why would an acquisition have so much customer data in their DC? And if they had so much data, why didn't they encrypt it beforehand? Anyway, in the end, it was still Morgan Stanley that hired the moving company, so they f-ed up either way.