When transferring customer data, do you protect it with as much care and respect as if it were a suitcase full of cash?
The transferring of customer data is one of the biggest security risks for any organisation and its customers. You have a responsibility to ensure that no risk is being taken with the transfer of your customers’ personal information.
Although only 39 data breaches were reported to the Privacy Commissioner in the last financial year, potentially millions of individual data details have been leaked.*
What is the process when you (or a member of your team) needs to share customer information with another employee or an external supplier to get a job done? It’s during this transfer that the risk of a data breach increases.
Want to minimise the risks? Check out these examples of data transfer practices to avoid:
Unsecure data transfer practices to avoid:
- The emailing of customer information/data files to colleagues or external suppliers without encrypting the data attachment (and just imagine if your auto-complete option included a recipient you weren’t meaning to send it to)
- The manual transfer of customer information to USB data drives or personal laptops for staff to work on projects at home
- Using third party file sharing services without properly assessing them. Have you thought about where that data goes, how it is stored, who has access to it, how shared accounts are maintained and retired when employees exit companies (and whose responsibility that is)
- Adding password protection to emailed files, and then including the password in the email either WITH the data file, or within a second follow up email sent soon after the first.
If your organisation has a dedicated secure file transfer server (sftp) in place for the transfer of data to specific suppliers, or your supplier has one – that’s a great start. However, is this sftp used across your entire organisation by everyone, or do some users circumvent this and use email, or another file transfer toolset instead?
Your suppliers also need to maintain that security and trust on your behalf when they’re dealing with your data. Have you ever asked them how they achieve that?
As a multi-channel mail house, Marketing Impact handles sensitive customer data all the time. Data is our business and we take the protection of our customers’ data very seriously.
That’s why we constantly assess the technology we use to provide secure file transfer services and evolve our security in line with changes in threat levels.
Our data transfer tools fully encrypt data during the transfer to our server and are accessible and inexpensive for our customers to use.
Have you got any further questions about securing your customers data?
Please contact us here and we’d be happy to help or to point you in the right direction for advice.
Or, check out the following links for more information:
Data security and privacy principles
* Source: Privacy Commissioner, NZ
See a small selection of breaches detailed below:
Mega data breach: Logins for 15,500 accounts on net
Allegations 800,000 NZers at risk of medical privacy breach
More than 63,000 Kiwis potentially impacted by Facebook data breach
BP data breach widens to 60,000 people after malware attack on PageUp job portal