Ready to Get Started?
Let us know you're ready to speak with one of our attorneys.
April 24, 2017
Voluntarily or not, your customers have to trust your business processes. While you may be unaware of the extent to which that trust goes, you must appreciate that it exists. Whether they’re purchasing items from a shelf, hiring you to fix their roof, or using your agency to build an application, customers divulge a plethora of sensitive information, often without realizing it. So it’s imperative that you protect their data at all costs.
For example, contractors often require customers to fill out a contract and a credit card validation form. Think about the amount of information collected on those documents: social security numbers, income, birth dates… everything an identity-thief may need to become someone else.
Similarly, marketing agencies are often exposed to highly sensitive strategic customer information. While NDA’s and confidentiality agreements are meant to deter intentional publication, they don’t necessarily protect against unintentional disclosures such as hacking or theft.
Your business will only go as far as your customers’ ability to trust it. Therefore, it’s imperative that you have a secure plan in place for dealing with sensitive information. Here’s are some ideas:
First, for physical documents, you can either convert them to digital, or store them in a secure location – not both. I’ve seen companies want to keep both a digital copy and a physical backup of the original. The problem here is that they are now exposing themselves to multiple attack vectors. By limiting the ways an inadvertent disclosure can occur, you are telling your customers that their security is paramount.
Second, when using digital files, use encryption for everything. Whether in a database or a file system, all sensitive customer documents should be encrypted. This way, if a hacker does get into the system, all they’ll have access to are the encrypted versions of the data, which is very difficult (if not impossible) to crack.
Finally, if storing physical files, keep them under lock and key. Make sure there are security protocols in place to limit sensitive customer information to a particular cabinet or room. Then make sure that only certain people have access to it. If an intruder attempts to steal the information, that should make it much more difficult.
There’s no way of protecting data absolutely, but some small changes can not only show that you did everything you could, but it will also give your customers piece of mind.