Customers are the lifeblood of your business. So when they trust you with their personal information—whether their email address, birthdate or credit card number—you should do all you can to protect it.
With millions of employees working from home during the COVID-19 pandemic, securing data has gotten all the more challenging. Yet, the stakes are higher than ever, says Pieter Vanlperen, managing partner of PWV Consultants, a New York City-based technology consulting firm. Not only could a business be sued after a data breach, but it may also lose customers.
“When data is not protected, businesses are on the hook for anything that happens should that data become exposed,” Vanlperen says. “This can include legal fees, reparations, loss of business due to lost trust, fines from compliance bodies, and more.”
So, how can businesses protect customer data and, in turn, themselves? Here are five key steps:
1. Collect and store only the data you actually need
You may be tempted to collect as many personal details about your customers as they’re willing to give you, but that heightens your risks in the case of a data breach. Instead, avoid collecting and storing information that’s not relevant to running your business. For example, even if you collect birthdates for email marketing purposes, you probably don’t need to collect birth years, Vanlperen says.
“People are getting very privacy aware now,” he says. Consumers become leery when businesses ask for too much personal information—and may even walk away from a transaction or online sign-up form if they don’t want to provide it.
2. Keep data securely on the cloud
It’s generally safer to store customer data on the cloud than on, say, employees’ computer hard drives—which can be easily hacked by someone who gains entry to an employee’s home network. Reputable software-as-a-service (SaaS) companies and online data storage providers—whether Google Drive, Dropbox or HubSpot—put a lot of effort and money into securing their data centers and preventing breaches.
That said, business data stored on the cloud is only as safe as the measures you proactively take to protect it, such as creating strong, unique passwords for every online account and enabling multi-factor authentication when it’s available.
3. Limit employee access
One of the biggest mistakes businesses make when it comes to securing data is giving too many employees access. “The number one thing I see businesses mess up is setting appropriate access controls,” Vanlperen says.
For example, a business might create just one account for an online platform and then let any employee access it using a simple (read: easy-to-steal) password like “1234.” Or they give too many employees their own accounts, including people who don’t need access.
Instead, they should allow access to customer data only by those employees who have legitimate reasons to access it. Moreover, every employee who is granted access should have an individual account with a unique log-in and password.
4. Use cybersecurity software—and keep it updated
Every device that employees use for work—even personal devices they might be using to check work email—should have a reputable antivirus and malware software installed. Some business internet providers offer such software to their customers. Spectrum Business Internet customers, for example, receive a free security suite called F-Secure that can be installed on up to 25 devices.
The software can prevent employees from visiting the wrong websites that might expose them to malware and other attacks that can compromise business data.
Moreover, instead of allowing employees to use personal laptops, tablets and smartphones for work, it’s generally safer to provide them with devices designated solely for work and install antivirus software on those devices, Vanlperen says.
5. Train employees to play it safe
Businesses are more easily hacked when all their employees are working from home, because hackers have more potential entry points. It’s important to train your employees on how to secure their home networks and any devices—as well as supply them with the right cybersecurity tools.
For example, all employees should have access to a password manager that allows them to create long, unique and strong passwords for every account and easily access those passwords when they need them.
Spectrum Business Internet offers services that can help businesses reduce their cybersecurity risks. Contact us at 855-299-9353 to learn more.Print this article