Data is a hot topic around the world. Between hearing about a new data breach every month and constant news cycles talking about Facebook and Google testifying before the US Congress, data privacy and protection is always being thrust into the spotlight. Unfortunately, ecommerce companies simply cannot survive without data. This means that breaches and privacy concerns will continue to be a discussion for your customers.
Why Should You Care?
Though data breaches and privacy are talked about so often, many businesses fail to understand why this could have such a large impact on an ecommerce company.
Though hackers have existed since essentially the beginning of the digital age, the sheer amount of information and content available today is like a minefield waiting to explode. In recent years, targets of hackers have included celebrities with embarrassing personal content on their phones, large companies with valuable payment information, health systems with confidential medical files, and even vulnerable government agencies. Wikipedia even has a list of some of the largest data breaches since AOL was hacked by an insider in 2004 – and it has 290 entries.
Most breaches occur due to poor data management and lack of security. Even companies that think seem to be getting it right sometimes fail. For example, Under Armour appeared to have done everything correctly when they were breached in 2018. They used strong encryption on customer data, notified everyone on the breach immediately, and segmented their data so important information like credit card numbers and locations were never exposed. However, it was later revealed that they used a mixture of strong and weak encryption to speed up the encryption process.
Because companies rarely understand the technology they are using for to protect their data, they continue to make it easier on hackers to get important information.
Changing Legislation on Privacy and Protection
To combat these constant breaches and privacy violations, there have been a number of proposals on data management legislation around the world. The most notable one is, of course, GDPR since it has already been passed and implemented. However, the EU regulation will likely not be along for long.
In fact, the US seems to be moving closer and closer to some resolution as Congress dives deeper into how the Facebook data breaches occurred and what data collection is actually like within Google. Though it is unlikely for anything to pass right now, companies should be prepared for future legislation regarding data collection, storage, and even uses.
Impacts of Poor Management
But waiting for legislation to force you to protect customer data may not be the best plan. If a data leak does happen to your company, consequences could be severe. From a damaged reputation to lost revenue, the effects of a data breach could significantly hurt your bottom line. Ponemon Institute estimates that the average cost of each compromised record is $148. That adds up quickly when talking about thousands or even millions of records.
Tips for Protecting Your Customer Data
- Use strong encryption/protection software and keep it up-to-date.
- Avoid collecting more data than you need and delete unnecessary information after it has been used.
- Limit access to customer data among your employees and keep them informed on data protection policies.
- Create clear data and privacy policies and make it readily available for your customers.
- Be upfront with customers about any use of third-party data and ensure protection policies cover any use.
Being informed about how data breaches occur and what the effects can be will help your company stay ahead of any issues.