How to minimise risk of customer data loss and fraud

UK businesses must change their attitude to customer data protection or they risk misuse and potential loss of this information.

According to a recent survey released by the Financial Services Authority, UK companies severely underestimate the risk of customer data loss and fraud to their businesses. Significantly, the study showed that SMBs were the worst offenders in their disregard for customer information and this is also a trend that we have seen among our customers, writes Robert Epstein, business lead, small medium business, Microsoft UK.

It is extremely worrying that despite the series of high-profile data losses over the past year and growing awareness among consumers, businesses are still not taking the risk seriously. UK businesses must change their attitude to customer data protection or they risk misuse and potential loss of this information.

This is all the more troubling given the growing usage of customer information. Businesses are collecting, analysing and sharing customer data in increasing numbers. Although numerous studies have shown that there is greater awareness among consumers about the risks associated with data security, rising usage has not been matched by an increase in privacy procedures and customers are becoming extremely uneasy about sharing data. To combat this, SMBs should take measures to show customers that they are using their details in the right way. This is beneficial for both parties as customers are more likely to willingly provide information on themselves and allow it to be shared, if they are confident that an organisation is managing data correctly and using it to provide useful and relevant information.

Not only will this help businesses to increase consumer confidence, it can help to build sales channels. Despite apparent growth, internet-based sales still constitute a small percentage of total retail sales. This is largely because the internet continues to be seen as a threat to customer security, and yet it offers a compelling sales channel for SMBs that may not be able to afford retail premises. Moreover, the increasing number of businesses that are reliant on web 2.0 technologies and e-commerce must also take action. But the big question for many is how?

Technology undoubtedly plays an important role in this. But it is critical that businesses use the right technology to protect data, as the way in which data is stored impacts the type of security needed. For example, the increase in flexible and mobile working has led to a rise in the amount of data stored on mobile devices and in remote locations. As a result traditional means of protection, such as passwords, may no longer be effective and businesses should consider other technology solutions when protecting customer details.

However, technology alone will not tackle the root of consumer distrust. Businesses need to demonstrate that they are aware of the risks, such as leaks and misuse by staff, and are taking the right precautions. For example, we have seen a worrying number of laptops containing confidential personal details stolen over the last year - devices that could have been simply protected using Vista Bit Locker. As such, I'd urge businesses to demand a detailed understanding of the location, usage and security of customer records. It can help to introduce new policies and procedures, from storage policies to access rights, which define the value of data and encourage an organisation to change its attitude to security. The resources are available and businesses simply cannot afford to be negligent in the protection of customer information.

According to a recent survey released by the Financial Services Authority, UK companies severely underestimate the risk of customer data loss and fraud to their businesses. Significantly the study showed that SMBs were the worst offenders in their disregard for customer information and this is also a trend that we have seen amongst our customers. It is extremely worrying that despite the series of high-profile data losses over the last year and growing awareness amongst consumers, businesses are still not taking the risk seriously. UK businesses must change their attitude to customer data protection or they risk misuse and potential loss of this information.

This is all the more troubling given the growing usage of customer information. Businesses are collecting, analysing and sharing customer data in increasing numbers. Although numerous studies have shown that there is greater awareness amongst consumers about the risks associated with data security, rising usage has not been matched by an increase in privacy procedures and customers are becoming extremely uneasy about sharing data. To combat this, SMBs should take measures to show customers that they are using their details in the right way. This is beneficial for both parties as customers are more likely to willingly provide information on themselves and allow it to be shared, if they are confident that an organisation is managing data correctly and using it to provide useful and relevant information.

Not only will this help businesses to increase consumer confidence, it can help to build sales channels. Despite apparent growth, internet-based sales still constitute a small percentage of total retail sales. This is largely because the internet continues to be seen as a threat to customer security, and yet it offers a compelling sales channel for SMBs that may not be able to afford retail premises. Moreover, the increasing number of businesses that are reliant on web 2.0 technologies and e-commerce must also take action. But the big question for many is how?

Technology undoubtedly plays an important role in this. But it is critical that businesses use the right technology to protect data, as the way in which data is stored impacts the type of security needed. For example, the increase in flexible and mobile working has led to a rise in the amount of data stored on mobile devices and in remote locations. As a result traditional means of protection, such as passwords, may no longer be effective and businesses should consider other technology solutions when protecting customer details.

However, technology alone will not tackle the root of consumer distrust. Businesses need to demonstrate that they are aware of the risks, such as leaks and misuse by staff, and are taking the right precautions. For example, we have seen a worrying number of laptops containing confidential personal details stolen over the last year - devices that could have been simply protected using Vista Bit Locker. As such, I'd urge businesses to demand a detailed understanding of the location, usage and security of customer records. It can help to introduce new policies and procedures, from storage policies to access rights, which define the value of data and encourage an organisation to change its attitude to security. The resources are available and businesses simply cannot afford to be negligent in the protection of customer information.

Private sector must do more to protect customer data, analyst says >>

FSA fines stockbroking firm £77,000 for weak data security >>

Lords committee to re-open inquiry into data security >>

Rising cost of data breaches fuels security spending >>




This was last published in July 2008

Read more on IT for small and medium-sized enterprises (SME)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close