Cintas recently released a study they commissioned by Harris Interactive, showing that customers are reluctant to do business with companies after their information has been compromised. That shouldn’t be a surprise, as a data breach is a public relations nightmare. By protecting your clients’ information, you are also ensuring your organization stays in the black.
You probably know Cintas as the company that provides uniforms and other services to a variety of industries, but they are also involved in services such as shredding and destruction of hard drives, and other forms of document management.
The survey was conducted with 2,061 American adults in August of this year. Harris Interactive found that two-thirds of those surveyed would no longer patronize a business if their information was compromised. Here are some scary numbers from the survey:
- 55 percent of people said that they would switch banks if their data had been lost or stolen.
- 46 percent would change insurance companies.
- 42 percent of people would frequent a different pharmacy.
- 40 percent would change doctors or dentists.
- 35 percent wouldn’t go back to the same hospital.
- 39 percent of clients would find a new lawyer.
- 24 percent of the respondents also stated that they would stop donating to a charity or educational institution.
A lot of organizations are already feeling this pain, if the amount of data breaches we report on is any indication.
According to an article on ITProPortal, research conducted by IT security company Javelin showed that a quarter of the 16 million people who were victims of a data breach were victimized again in an identity theft. Is it any wonder that consumers want to stay away from companies who don’t take proper care of their data?
Often, people have no idea that their information has been stolen. Organizations must report a data breach and notify those affected within a certain time frame, but that varies by state.
It can take months for identity theft to become apparent. Companies usually offer those affected a free year of credit monitoring, but that isn’t going to bring back customers who no longer have trust in your organization.
The best thing you can do to keep this trust is to prevent a breach from happening in the first place. It may not always be possible to prevent a data breach, but it’s not difficult to implement some processes to significantly decrease your risk:
Educate all of your stakeholders – from the C-suite to the people who sweep your floors at night. Any one of these people can be responsible for a data breach. Make sure that they understand the benefit of a strong password. This sounds like a simple thing, but it makes a big difference.
Adobe recently suffered a huge data breach that affected approximately 38 million users. Hackers released information online which exposed the passwords of over 150 million of those people. Graham Cluley has a list of the top 50 passwords that were exposed.
Would it surprise you to know that 1,911,938 of those accounts had the password “123456”? “Password” was the password of 345,834 users.
Conduct pre-employment background checks on new hires and monitor activity of all company owned computers and devices. Know your people and make sure you can trust the employee who is walking out of your company at five o’clock with a laptop filled with data. Better yet, don’t allow Bring Your Own Devices (BYOD) and don’t allows certain information to be stored on portable devices if you suspect that information might get into the wrong hands.
Move all of your documents to a secure, encrypted, cloud-based content management system. Stolen or lost laptops, mobiles, and external devices such as USB drives are one of the most common ways criminals get their hands on your sensitive data.
Communicate with customers, suppliers and any internal and external stakeholders using secure email and document delivery which is encrypted or password protected. Have you ever accidentally sent the wrong email to someone? That has been the cause of some serious data breaches. If you were using secure email and you sent a document to the wrong person, they wouldn’t be able to open the encrypted message without the right key.
Those are just a few common sense and easy-to-implement tips to avoid a data breach. Organizations don’t seem to be taking this kind of loss seriously, or they would be doing everything in their power to avoid a data breach.
If you want to attract new customers and keep the ones you already have, it’s time to start making changes. Yes, it takes some work, but it’s better than putting your employees out of work after you lose customers due to lax security practices.