Identity theft has become a serious concern today, and while it sometime occurs as a result of careless internet use, it can also be due to a business security breach. The loss of customer data can be very costly to a business, and might easily drive away customers or even lead to legal penalties. In addition, although many small business owners assume that computer hackers and identity thieves only target large corporations, many small businesses have actually been exposed already and don’t even know.
With today’s technology, it is almost impossible to conduct your business activities without collecting sensitive information from your customers. Apart from credit card information and social security numbers, this sensitive information also includes the names, addresses and purchase history of your customers. Do you have policies in place to protect the use and storage of sensitive information? Many small businesses do not and even more would not know if a breach occurred.
One of the reasons why customer data loss occurs is lack of adequate security on the business owner’s servers and workstations. Without adequate security keyloggers and other malicious executables can infect machines and silently steal data unbeknownst to the user. It is worth noting that in most cases, businesses are required to notify their customers in case of data loss. However, many fail to do so, which ultimately can lead to bad publicity, angry customers, lost business opportunities and even hefty fines from regulators.
Another reason why customer data loss has become so prevalent is the fact that many companies today are outsourcing their data storage to third parties. When a third party has not put the right measures in place to protect the data it stores, you may be exposed to customer data loss or theft. This in no way means that you will not be held liable for data lost. You might still be held liable if your customers’ identities are compromised.
Although disappointing, losing your customers data may not always mean legal liability, but you will likely be held liable if identity theft occurs as a result of a security breach on your side. In fact, government agencies are placing more responsibility on companies to protect their customers’ information. As such, you may have to provide evidence that the theft did not occur as a result of your negligence.
It is always important for a business to take the necessary steps to secure its customers’ information. Ensure your security systems are effective and avoid storing more information than recommended. If you are getting rid of any computers, make sure all personal data is permanently deleted, and shred any personal records that are no longer needed. When outsourcing data storage, take the time to find out what kind of security measures the company has and ensure it matches your business needs.