Customers are starting to get the message that their data is valuable. Tom Merritt offers five suggestions to ensure your customers' data isn't vulnerable to attack.
With more data breaches in the news than ever before, you need to be a company that proactively protects your customer data, rather than one trying to explain why that data is now for sale on the dark net. Here are five ways to maximize customers' data security.
- Update software when patches are available. Don't wait for slower, less disruptive times to update--attackers won't.
- Encrypt your customer data. All of it. Make users and employees choose strong passwords and require two-factor authentication--preferably from a token or a key, not a text message.
- Separate information you need from information you don't. You probably want names and emails for communications, but you don't necessarily need to handle verifying credit card information yourself.
- Train your employees regularly. Reinforce what the risks are, and why seemingly annoying and time-consuming policies need to be followed. Attackers prey on the mundanity of data security procedures, and how easily we humans get bored without a visible threat.
- Test your weaknesses. Whether you hire an outside firm, set up red and blue teams, or even just ask your team to hammer away on stuff, look for the vulnerabilities and find them before someone else does.
Nothing can 100% prevent an attack or a security breach--the goal is to reduce the chances as much as possible. Hopefully, these tips get you a little closer to zero.
Subscribe to TechRepublic Top 5 on YouTube for all the latest tech advice for business pros from Tom Merritt.
- US government rolls out 2-step verification for .gov domain owners (ZDNet)
- IT pro's guide to effective patch management (free PDF) (TechRepublic)
- Network security is top IT concern for SMBs, but few have security pros on staff (TechRepublic)
- The top 10 cyberthreats IT security teams are facing right now (TechRepublic)
- 5 tips to secure your supply chain from cyberattacks (TechRepublic)