Most Businesses Protect Their Customer List, But Not Their Customer Data
I recently attended an Internet start-up event which featured various internet start-ups pitching to an investor panel; and a live audience to listen and ultimately vote for their favorite start-up. I also had the opportunity to personally speak with several start-up founders. I asked the folks I was able to speak with what they did regarding Cybersecurity and protecting themselves from hacker attacks. I was stunned to receive answers such as: “my security guy just opens the ports we need,” or “Google will handle it.” Even more shocking I observed that as the Investors gave the start-up founders feedback in the audience none of them mentioned information security concerns once. I certainly understand that Cybersecurity and protection from hackers is not a budding start-ups main concern, but in my opinion it needs to at least be on the radar.
There are several well documented examples of brick and mortar, as well as Internet only organizations being put out of business completely by miscreant hackers and in short order too. Recently a 1.5 million dollar California organization was put out of business after hackers stole a majority of the funds in their bank account. Sadly most operations don’t realize they’re in trouble until they experience a major loss; these losses can be financial, customer data or in many cases both. What’s the point of building a great new brand only to have it pillaged and destroyed by the bad guys?
As the evening wore on and I listened to some of the presenters in many cases I noted they were handling highly sensitive customer data and would essentially be a black-hat hacker’s dream come true. I don’t think many of the people at this wonderful event realized how much liability they had which was not being adequately addressed.
So where can you start in your efforts to build a fortress around your business that keeps the bad elements out, yet does not interfere with encouraging healthy flows of commerce on your site?
One answer is to understand where your customer data resides and protect it. The data which you need to protect can be on your servers, on hard drives, traveling across the internet, and even in the minds of your staff and vendors who service your organizations. The first step is to assess how safe all this highly sensitive stored data really is. One way to start is by performing what is called in the security industry a vulnerability test. Simply put, this means a security professional will spend some time with you and your organization using special tools which are able to determine how secure your computers and data really are.
The most important point I would like to get across is simply to start. Cybersecurity is a journey not a destination, and it all starts with the first step.
Best of luck to you in protecting your customer data – Inbound and Out
As always I am happy to answer any questions you may have!