Topic 2 | Data and Information security Risks

Proper Precautions in Securing Customer/Client Data

As we have discussed in the previous topics, losing private client data or information, such as credit card details, login credentials, financial report, and marketing information, can have negative impact to the business in both legal and publicity standpoints.

 

Take the case of Gino:

Gino is part of the product team and they created a sponsor-driven online competition for their followers on Twitter. The mechanics involved submitting photos showing the sponsor’s product and monitoring the approval of acceptable content. Every weekend, Gino is assigned to count the total entries and to send them to the product team and the three sponsors. Unfortunately, in one weekend, Gino accidentally mixed the entry count and sent it to the incorrect sponsor.

Gino immediately recalls the email using his Outlook email, however, some recipients already read his email. He was told by the head to send an apology email internally and request the recipients to delete the files. Gino was reprimanded of his action and was given an HR conversation about mishandling data.

In this scenario, Gino made a mistake of sending the incorrect data to its intended recipient. His course of action is to recall his email however it was not enough. He was forced to send an apology message to the sponsors. Human error is the culprit in this scenario that can be prevented if Gino made clarifications from his head.

 

Check out another case from Kevin:

Kevin was asked by his supervisor to purchase a software subscription using his credit card. Kevin saved the credit card information on his email. One time he was forced to rent a computer for work and left it on during a bathroom break. One customer saw his email and took note of the credit card information. The following day, the supervisor called him about the unauthorized purchase made into his account. Kevin was asked to apply for resignation because of mishandling private information.

Money is one of the crucial matters regardless of the workplace. In this case, Kevin made a mistake of saving the credit information of his supervisor. Albeit, this can be avoided if Kevin refused to take the credit details. He could accomplish only the preparation of the invoice and asked his supervisor to fill the payment details instead. Unfortunately, this cost Kevin’s job and may reflect when reviewed by his new employer.

 

These two cases are some examples of our daily activities turned into fiasco, and all it takes is a little more of carefulness especially on your end.

To prevent unwanted situations like these from happening, here are more measures you can take to safeguard your customer/client data and information from security breaches.

On your technology:

  1. For those with non-single sign-on services on your work system access: Use password manager than writing list of passwords on a paper and then leaving it on your work desk.
  2. Check whether data encryption is available and active in your work devices.
  3. Refrain from sharing your work files on your personal email or storage devices.
  4. In relation to item #3, use cloud-based storages instead, like Google Drive.
  5. Use cloud-based tools, like PM and productivity tools.
  6. Use Virtual Private Network (VPN).
  7. Make sure your WIFI has strong password, in case VPN is not an option.
  8. Set up a firewall.
  9. If you have a router, make sure that access to the setting is password-protected.
  10. Apply anti-virus software.

These above plus your accountability will go a long way to ensure the security of your client’s data and information.

 

In case of security breaches, proceed to the next topic to learn ways on how to handle it.

As we have discussed in the previous topics, losing private client data or information, such as credit card details, login credentials, financial report, and marketing information, can have negative impact to the business in both legal and publicity standpoints.

Take the case of Gino:

Gino is part of the product team and they created a sponsor-driven online competition for their followers on Twitter. The mechanics involved submitting photos showing the sponsor’s product and monitoring the approval of acceptable content. Every weekend, Gino is assigned to count the total entries and to send them to the product team and the three sponsors. Unfortunately, in one weekend, Gino accidentally mixed the entry count and sent it to the incorrect sponsor.

Gino immediately recalls the email using his Outlook email, however, some recipients already read his email. He was told by the head to send an apology email internally and request the recipients to delete the files. Gino was reprimanded of his action and was given an HR conversation about mishandling data.

In this scenario, Gino made a mistake of sending the incorrect data to its intended recipient. His course of action is to recall his email however it was not enough. He was forced to send an apology message to the sponsors. Human error is the culprit in this scenario that can be prevented if Gino made clarifications from his head.

 

Check out another case from Kevin:

Kevin was asked by his supervisor to purchase a software subscription using his credit card. Kevin saved the credit card information on his email. One time he was forced to rent a computer for work and left it on during a bathroom break. One customer saw his email and took note of the credit card information. The following day, the supervisor called him about the unauthorized purchase made into his account. Kevin was asked to apply for resignation because of mishandling private information.

Money is one of the crucial matters regardless of the workplace. In this case, Kevin made a mistake of saving the credit information of his supervisor. Albeit, this can be avoided if Kevin refused to take the credit details. He could accomplish only the preparation of the invoice and asked his supervisor to fill the payment details instead. Unfortunately, this cost Kevin’s job and may reflect when reviewed by his new employer.

 

These two cases are some examples of our daily activities turned into fiasco, and all it takes is a little more of carefulness especially on your end.

To prevent unwanted situations like these from happening, here are more measures you can take to safeguard your customer/client data and information from security breaches.

On your technology:

  1. For those with non-single sign-on services on your work system access: Use password manager than writing list of passwords on a paper and then leaving it on your work desk.
  2. Check whether data encryption is available and active in your work devices.
  3. Refrain from sharing your work files on your personal email or storage devices.
  4. In relation to item #3, use cloud-based storages instead, like Google Drive.
  5. Use cloud-based tools, like PM and productivity tools.
  6. Use Virtual Private Network (VPN).
  7. Make sure your WIFI has strong password, in case VPN is not an option.
  8. Set up a firewall.
  9. If you have a router, make sure that access to the setting is password-protected.
  10. Apply anti-virus software.

These above plus your accountability will go a long way to ensure the security of your client’s data and information.

In case of security breaches, proceed to the next topic to learn ways on how to handle it.