Since the majority of data breaches that occur are "crimes of opportunity" – hackers seeing an opening and using it – it's important for everyone involved in your business, whether it is employees, clients, freelancers, contractors or consultants, to understand the importance of data security and corresponding best practices.
"Most of our clients are pretty sophisticated in terms of technology, but they may not think about advising their clients on security basics," said Ted Devine, CEO of TechInsurance. "Often, that's because they don't realize that, even if their own security measures are top-notch, their clients' security lapses can expose them to costly cyber liability claims."
Verizon Enterprises recently released its 2013 Data Breach Investigations Report that revealed 48 percent of all data breaches are enabled by in-house mistakes made by employees or contractors who have no training or familiarity with data management protocol. As a result, providing training to involved parties will help mitigate the possibility of a breach.
In tandem with training, it is critical to review the basics of a systems security: passwords. While this is a basic safety measure, 76 percent of data breaches occur because a password is successfully – and easily – guessed. This, in combination with the encryption of sensitive data and limiting access to sensitive information, establishing a data management protocol for the use of business assets, such as laptops and mobile devices outside of the office, should help protect the integrity of your system.
A Security Strategy
The most important concern among businesses is loss of brand reputation or customer trust, and how to avoid that loss, according to IBM's A New Standard for Security Leaders report[source is always at the end of a sentence for ID Theft]. Cybercrime, data theft and data breaches can all impact customer trust. However, the study revealed that 24 percent of the information security leaders polled by IBM said they actually tracked the security issues and their impacts on brand reputation.
IT management is especially pertinent when it comes to mobile devices. For organizations and employees who use their own devices, less than 40 percent claim to have specific mobile data security and usage policies for such devices, according to the IBM study.
In the shadow of the massive data breach at Adobe just a few weeks ago, leaders should continue to focus on enterprise identity, access management, database security and network intrusion as priorities. However, ensuring that marketing concepts such as brand reputation and customer trust are tracked in the event that a data breach occurs should also become a priority in the development of a business's strategy and security planning.
Matt Cullina is chief executive officer of IDentity Theft 911.