iGeneration Banking Solutions

Is Expecting Your Digital Privacy Realistic?

We’ve seen a lot of news about privacy and encryption lately.  Actually, we’ve been seeing it for several years but the intensity of news stories seems to be growing.  First there was the Target breach, then the Home Depot breach .  Today we learned that a hospital in LA decided to pay the ransom to get their  data back because it is “in the best interest of restoring normal operations” (translation: we’re going out of business if this continues.  It will cost less to pay the ransom).

Just about the only “positive” story on information privacy recently has come from
Apple.  Unfortunately, it has created a stir that has some negative views.

Most people don’t realize or value the extreme importance of protecting sensitive information.
 The reason can usually be traced back to one simple truth:  identity theft has never happened to them.  It is extremely flawed logic to think that because you’ve never experienced the negative consequences of data theft, it’s no big deal.  Yet, here we are in a world where companies are repeatedly warned and then months later get caught with their pants down.  Ask Target if they could have spent the $252 million on better things.  Ask Home Depot how their attitude toward security is different now that they’ve spent $33 million on it.  Do you think Hollywood Presbyterian Medical Center would invest in better security if they could go back in time?

Why  don’t they take it more seriously?
 In addition to the “it won’t happen to me,” frame of mind, there is another prevailing factor.  It can be expensive to secure and protect information.  Hiring experts to manage data security, investing in network security equipment and maintaining security policies not only adds to the work load of everyone in the company, it also requires a dedicated budget.  All of this for something that’s seen by decision makers and accountants as “not producing income.”  The returns on this kind of investment are perceived as extremely nominal.  This is especially the case for small business owners who frequently have neither the time, resources nor funding to establish the proper security.  In my business, I see this this mindset every day.  It’s more often the norm, which should scare the Hell out of everyone reading this.

Don’t believe me?
In the past month, I sent a wristwatch off for repair to the Invicta Watch Company.  I received a form email from them asking me to respond with my credit card information.  Later in the month, a support representative from Yabdab (a web software company) asked me to email administrator credentials for a server.  It’s 2016.  Do we really have explain to people that email is NOT secure?  

Unfortunately, the sobering truth is that until more people are affected and more companies are faced with negative consequences, your information is probably exposed somewhere right now.

What can you do?
 First, if you are a decision maker in your company, take steps to protect sensitive information that your customers have entrusted you with.  Just like Uncle Ben said to Peter Parker, “With great power, comes great responsibility.”  Second, be mindful of what you give out and to whom.  If it doesn’t feel right, don’t do it.  Ask if there’s another way.  There usually is, but it requires extra effort.  That effort will go a long way toward your privacy.  Third, don’t allow companies to store your information when they ask.  Yes, you will have to enter it every time, but is it REALLY so hard to do that?  Don’t take shortcuts.  Nothing is going to guarantee 100% protection of your information but you can increase the odds greatly if you try.

My company can provide more help with security
.  Especially in the area of PCI compliance.  If you need assistance, we’d love to hear from you.  
blog comments powered by Disqus
© 2017 The Alan Group Contact Us