Business Responsibility & Data Breaches
The Importance Of Businesses Protecting Consumers’ Data
Published November 8, 2017
Major businesses like Equifax, Yahoo, Verizon and others appeared at a Congressional hearing today to discuss the responsibility of ALL businesses to take reasonable steps to protect consumers’ data.
Small businesses should NOT ignore this hearing or write it off as Congress only going after the big boys.
The responsibilities that Congress is holding Yahoo and Verizon to will ultimately be required of Main Street businesses.
Small mom-and-pops and other businesses on Main Street MUST pay attention and follow these requirements as well!
Nearly EVERY business, small or Fortune 500, has a website collecting consumer data today.
How This Affects Main Street
This affects EVERYONE, and how they handle their customers’ information (even if it’s only name, address, email, phone, and date of birth for loyalty reward purposes).
In today’s world, that’s enough information for thieves, hackers, and those with malicious intent to wreak havoc on a consumer’s online profile and, in some instances, commit identity theft (despite not having the Social Security number).
Congress is bent, and rightfully so, on holding businesses accountable and responsible for the consumer data they collect, store, disseminate, or in these cases, allow to be stolen due to breaches of their systems.
Even if the information the business collects is readily identifiable data, and while criminal prosecution based on intent may be difficult, there’s still the potential of criminal negligence.
At the very least, there’s the melee of negative press that will surround the company for allowing the breach and failing to properly secure its data, network, and sensitive information.
Basic Best-Practices To Implement NOW!
The following are some minimal steps to take to understand the risks, and secure the company’s systems as best as possible.
There’s no 100% secure option anytime there’s a connection to the internet and world communications.
However, the following will greatly reduce the risk, and show initiative in implementing best practices:
1. Training & Awareness
- Understanding and recognizing the data collected, how it should be handled & protected, as well as what impact it may have if stolen is a necessary first step.
- Limit the sharing of sensitive information by instructing employees and users on proper protocols for disseminating information.
- Follow today’s best practices for user security and password standards, thus making it more difficult to break into a secure system.
2. Handling & Encryption
- It’s important to understand the best practices in handling and storing consumer data; especially by using secure encryption technologies when dealing with sensitive information.
- Go beyond making sure the network the data is transmitted on is secure, and protect the data where it is stored with proper security and encryption best practices.
- If the data is encrypted, then even if it’s stolen, it may still be useless if the hackers cannot break the encryption.
3. System Monitoring & Vulnerability Assessments
- Make sure proper systems are in place to monitor user access, as well as potential system vulnerabilities that may lead to a breach of data.
- It’s a company’s responsibility to be aware of all system accesses, points of entry, and potential vulnerabilities.
- Regularly run vulnerability tests to confirm overall system health and security.
- Overall monitoring can detect and prevent intrusions from unwanted sources that can result in security or data breaches.
4. Updates & Patch Management
- Keeping current systems and software up-to-date with the latest patches and software updates is of paramount importance to overall system security and avoiding breaches.
- Any security update or patch should be installed immediately upon notification to avoid prolonged risk exposure.
5. Content Filtering
- Content filtering allows companies to secure company assets and networks against malicious software (malware) and potential hackers attempting access.
- Failure to use proper content filtering can result in users inadvertently downloading malicious files that can disable and override security systems in place, thus creating a security breach.
6. Emergency Response Plan
- Have in place a strategic plan for dealing with theft, hacks, or security breaches.
- Be sure to have an emergency backup plan with secure and reliable backups in place; secured separately for recovery efforts when needed.
Following the above-noted suggestions is a bare minimum for today's businesses that are concerned about following best practices and securing their consumers' data to avoid theft, and at worst negative press coverage and inconvenience.