5 Ways to Guard Customer Information
Customers count on you to protect their personal information.
In today’s world, businesses big and small have no choice but to collect at least some personal information from their customers in order to operate. Obviously, those same customers count on businesses to protect that private information.
Not surprisingly, personal details like addresses, birthdates, and possibly even social security, credit card and driver’s license numbers may live inside your digital and paper files. Although it may be true that you need this information to conduct business, it’s also true that this information is exactly what identity thieves aim to uncover.
Are you doing everything you can to protect it?
According to the Federal Trade Commission, there are 5 security rules every business and organization should have in place to protect sensitive consumer information stored in their documents and data files:
1. TAKE STOCK
- Know what personal information is in your possession, know where it’s stored, and know how it’s protected.
2. SCALE IT DOWN
- Keep only the information you need, and destroy the rest. Follow the “Principle of Least Privilege”, meaning employees have access only to the information necessary to do their jobs.
3. LOCK IT UP
- Physical Security
  - Lock file cabinets and offices, and control who is authorized to enter.
  - Remind employees not to leave sensitive documents out in the open while away from their workstations, and never allow documents to pile up on top of a shredder.
- Electronic Security
  - Encrypt sensitive information (including emails), and routinely run up-to-date anti-malware programs on your devices and servers.
  - If you accept credit cards, use Transport Layer Security (TLS) to protect user information.
4. PLAN AHEAD
- Have a response plan in case of a security breach, and know who to notify (e.g., customers, law enforcement, credit bureaus, and other businesses that may be affected).
5. PITCH IT
- Don’t hold sensitive information longer than necessary, and never throw anything containing personal information into the garbage! Instead, put documents into a secure shred bin or shred them immediately.
- Ensure that unused hard drives and data devices are irreversibly destroyed.
Data deletion is not data destruction.
Additionally, hard drives and media devices must undergo AAA NAID Certified data destruction in order to prove compliance under local and federal information security laws. Afterwards, a certified shredding service will provide a Certificate of Destruction, which is important when proof of compliance is needed.
Is all this really necessary?
Granted, this may feel overwhelming, and perhaps you’re thinking the effort required is too much. However, if you can imagine losing the trust of your customers or even worse, needing to defend your business against a lawsuit, you’ll realize that not only is it worth it, it’s necessary.
We can help!
The good news is, Altitude DocuShred is here to make it easy, convenient and affordable to securely destroy your documents and data. Proudly, we are locally owned and operated right here in Colorado, and we’re AAA NAID Certified in document and data destruction.
Let’s start on a recurring shred program and data destruction plan for your business today!
Call us at 303.537.5401 or request a quote on our website.