The 2015 Global State of Information Security report shows that not only are security incidents increasing, they are becoming more costly for organizations. Meanwhile, budgets for information security are decreasing. To keep client data private and out of the hands of hackers, security professionals will need to make strategic choices about how to spend increasingly stingy budgets.
Set expiration dates on your emails
If you are sending sensitive data via email, what happens to it when it leaves your outbox is basically out of your control. When was the last time you cleaned out your inbox? If it was recently, you’re in the minority. Most people don’t take the time to clean out email messages, which means the recipient of sensitive information probably has it just sitting in an inbox somewhere. By setting expiration dates on the emails you send, you can ensure that after a certain time, they are no longer readable by the recipient or anyone else. Virtru, currently in BETA is one product that offers this service.
Beware the shadow IT
Do you know where all your sensitive data is being stored? Are your employees sharing information from personal devices that you don’t have control over? Avoid a BYO security threat situation by educating employees about how they can (and how they should not) use personal devices when handling sensitive client information. Make sure they understand what information is sensitive. Consider improving your information security awareness program to keep employees up to date on best practices.
We’ve said it before, and we’ll say it again, encrypt your files. Expect your private client data to be stolen. Protect your clients and yourself by encrypting any sensitive information. A data breach will be much easier to recover from if you can ensure your clients that the stolen data is indecipherable. When Corporate Car Online was breached, hackers were easily able to learn unencrypted personal financial information, travel plans, credit card numbers and more for over 850,000 clients ranging from politicians to A-list celebrities. Simply encrypting their data would have protected their clients and saved them embarrassment and more.
Clients need to feel safe and secure about what is happening with their private data. Having a plan in place for protecting them can give you the edge over competitors. Having the structure in place to protect sensitive information will not only save an organization from becoming an embarrassing headline, but will help grow business.
What interesting tricks or tools is your organization using to ensure data remains private?