BitArmor offers money-back guarantee for data breach but no loss compensation
Encryption provider offers pro-rated refund if a customer's data is breached, but others in the security industry say that's a far cry from offering to pay for any losses resulting from a breach.
Encryption provider BitArmor on Thursday said it would offer a money-back guarantee to customers whose data is breached, but didn't go so far as to offer to pay for any losses incurred from the breach.
"Our ability to protect data exceeds what anyone else is offering in the marketplace," said Patrick McGregor, BitArmor co-founder and chief executive. "If BitArmor data is protected in a way where our controls or protections are breached and the company has to publicly disclose that breach, we will give the money back."
The offer is valid only with the purchase of a three-year license and platinum-level support package. Refunds will be pro-rated for the time left on the contract and data breaches must be publicly disclosed, according to the company Web site.
"We understand the cost of a breach might be larger than our offer, but we are committed to sharing the responsibility of your data security," the Web site says.
Paul Kocher, president and chief scientist of Cryptography Research, said he was skeptical of the BitArmor guarantee and said his company has offered to cover its customers' losses in certain circumstances.
"The purpose of encryption products is to prevent rare, giant losses," Kocher said. "Getting your money back isn't what you want. You want your expenses and costs reimbursed."
Phil Dunkelberger, chief executive of BitArmor competitor PGP Corp., said the money-back guarantee isn't much different from what most warranties offer.
Pittsburgh-based BitArmor's DataControl software offers disk encryption for laptops and persistent file encryption for data, regardless of what type of device it is on.