"We’ve all seen the reports about what goes wrong when proper controls are not implemented while storing and transferring data. Large enterprises face messy notifications, customer dissatisfaction and, in many cases large fines. In fact, a data breach in the U.S. comes with an average price tag of $5.5 million, according to a 2011 Ponemon Institute study.
This paper from Imation Mobile Security explains when compliance alone may not offer the protection enterprises need to prevent data breaches that can cost millions of dollars, inflict untold damage to corporate brands and customer relationships, and invite weeks or months of negative publicity.
The paper pays special attention to the difference between FIPS 140-2 Level 2, a standard of protection that meets the vast majority of compliance requirements, and FIPS 140-2 Level 3, a significantly higher level of protection designed to put sensitive data beyond the reach of a much larger population of hackers and thieves."