According to global cybersecurity firm, Kaspersky, there was a 160.43% rise in data breaches in the Philippines from 2019 to 2021. This is why it's more important than ever for businesses to protect customers' information. Your clients' information should be one of your company's most secured assets. From the same report by Kaspersky, an enterprise-level company that was hit by a data breach may lose more than PHP 52 million on top of damage to its brand. To help you mitigate these devastating circumstances, here are the steps for a security plan provided by US FTC.

1. TAKE STOCK.

“Know what personal information you have in your files and on your computers.”

One of the first things you want to do is to take stock. You should be aware of all your customers' personal information including where it is stored, how it is used, who has access to it, and how it is protected. This way, it will be easier for you to recover and/or identify any data breach that might happen. Below are a few tips you can do in taking stock:

  • Inventory all the equipment you are using to store company data, as well as all the information you have by type and location.
  • Keep track of the employees responsible for different kinds of data that your business currently protects.

2. SCALE DOWN.

“Keep only what you need for your business.”

While it's tempting to keep information for future use, the less you collect and store, the less opportunity there is for something to go wrong. Below are a few helpful steps you can do in scaling down:

  • Go through everything to determine what is essential data and what is unnecessary.
  • Don’t keep anything you don’t need, and stop collecting it either.
  • Follow the “principle of least privilege” which FTC defined as: each employee should have access only to the resources needed to do their particular job.

3. LOCK IT.

“Protect the information that you keep.”

If your customers trusted you with any information, it’s your responsibility to keep it secure. Keeping such information secured has become more challenging over the years as hacking seems to become an easy job in today’s generation. We have provided a few helpful tips for you to better protect your clients’ information:

  • Create a strong password using 12 characters or more with a combination of letters, numbers, and symbols.
  • Make sure to have a clear and up-to-date privacy policy that outlines the information you collect, what you use it for, and how you protect it.

4. PITCH IT.

“Properly dispose of what you no longer need.”

Most businesses frequently take precautions to protect their digital data, but fail to work safely with the electronic devices that store this information especially during disposal. Take a look at these ideas to keep the data in your electronic equipment safe:

  • If a computer is being decommissioned, make sure the hard disk is removed and physically destroyed.
  • Another easy target for hackers are company cell phones, which might leave your network vulnerable if they're charging or synching with a networked PC. Installing encryption software on smartphones can help keep your network and consumer data secured.

5. PLAN AHEAD.

“Create a plan to respond to security incidents.”

Managing an emergency means knowing what to do when, regardless of the disaster type. This step is important so you will know exactly what to do in case of emergency. Kindly see a few helpful tips below in creating your plan:

  • Start coordinating with a cyber security expert or a business technology consultant that can help you in case of breach, for retrieving data and assessing the crime is not as easy as it seems.
  • Consider getting Cyber Crime Insurance to ensure that your business will have the necessary support and funds to get through the breach, completing your cybersecurity protection. If you need more information about this type of insurance, you may visit the following link: https://trinity-insures.com/collections/general-insurance/products/cybercrime-and-insurance

We at Trinity hope that this article will be beneficial to you and your organization in the fight against cybercrime and data breach. In understanding your company‘s cybersecurity risk, cybercrime insurance must go hand-in-hand to protect your business from any financial losses and liabilities caused by data breach. This is why Trinity provides specialty insurance products to serve your corporate needs in addition to traditional insurance products. Visit us at www.trinity-insures.com and we’ll be glad to help you with your insurance requirements.

Sources:

  • https://www.ftc.gov/tips-advice/business-center/guidance/protecting-personal-information-guide-business
  • https://business.gov.au/online/cyber-security/protect-your-customers-information
  • https://www.privacy.gov.ph/data-privacy-act/
  • https://mysecurityawareness.com/article.php?article=334&title=protecting-customer-data#.YQn_R44zY2w
  • https://www.microsoft.com/en-ww/microsoft-365/business-insights-ideas/resources/essential-tips-protecting-customer-data
  • https://cybriant.com/how-to-protect-customer-data-7-tips/
  • https://support.google.com/accounts/answer/32040?hl=en
  • https://mb.com.ph/2021/06/10/kaspersky-data-breaches-on-the-rise/