When you walk into a place of business, whether its retail or a professional office, you aren’t thinking about your security. You’ve gone into that place of business to do some form of business. Well, an interesting thing happened to me and my husband on a recent trip.
We traveled to St. Charles, MO last week as our son was having some medical tests done and we wanted to be there. We arrived at the hotel to check in. It was late and we were quite tired after driving six hours. We didn’t have much for luggage since we were only staying for one night, but we had plenty as I’m always traveling with a computer! We made it to our room. My husband opened the door and had me go in first…but, I stopped dead in my tracks. The room appeared to be in use. The lights were out, but the television was on and the sheets on the bed were turned back. I didn’t actually see anyone. We turned around so quick I’m surprised we didn’t get whiplash! We made our way back to the front desk to get a new room. As soon as we closed the door in that room, I turned the dead bolt on the door…no chance of anyone coming in my room in the middle of the night!
As I lay in bed that night (early morning) I was wondering, what do various small business owners do to protect their customers and/or their customers’ data? We are in a world of identity theft today and every precaution has to be taken. Do business owners have systems for handling safety of their customers and their customers’ data? If I were to go dumpster diving at some professional office buildings, what personal data would I find in the trash?
Many businesses collect ‘sensitive’ data or information from their customers – such as social security numbers, financial records, credit details – for sales or other business purposes. Theft or misuse of this information can put your customers’ financial information at risk and damage the reputation of your business. You can follow these tips to help protect both your business records and your customers’ sensitive data:
1. Secure documents and equipment:
- Lock up documents, files, and storage devices (like computer disks and flash drives) in a file cabinet or office when they’re not in use and at the end of each day. During the business day, limit access to only the employees with a legitimate need to access the information.
- Shred what you don’t need. If you no longer have a business need to retain a customer’s sensitive data, ensure that it’s unreadable before you discard it.
2. Secure electronic data:
- While it’s safest to not store your sensitive data on Internet-accessible computers, that may not be practical for your business operations. In that event, encrypt the sensitive files that you need to send via the Internet.
- Assess your password policy. Implement password-activated screen savers after periods of inactivity, and discourage the use of passwords that can be easily guessed.
3. Train employees:
- Check references or perform background checks before hiring employees who may have access to sensitive data.
- Identify which employees have access to sensitive data, and limit access on a need-to-know basis as appropriate.
- If an employee leaves the business, ensure that access to company information is suspended by changing passwords and keys, closing accounts, etc.
4. Secure vendor relationships:
- Investigate the data security practices of companies that you outsource work to – including Website hosting, payroll, call centers, etc. to ensure they are up to your standards.
5. Create a response plan:
- Plan who to notify in the event of a breach, including law enforcement, customers, credit bureaus, banks, and other businesses affected by the incident. Consult an attorney to ensure you have done your due diligence in contacting related parties.
Business owners should review the ‘Company Procedure’ with their employees every year to be sure all employees are following the same procedure to keep customer data safe.
Oh…by the way…when you check into a hotel room, be sure to actually use the dead bolt on your door so that no one else can enter your room, as that must be the only way you really are safe in the room! And, I do have to say that from a customer service perspective, I think the hotel handled it wonderfully.