Five Key Principles to Prevent Data Theft

Mar 07, 2016

The average US corporate data breach in 2015 cost $6.5 million and put over 28,000 customer records at risk, according to IBM’s 2015 Cost of Data Breach Study.

Data breaches can be dangerous and costly affairs, and yet many companies are unsure how to protect themselves. When you consider the possibility of customer turnover, bad PR, and the loss of new business, it is clear that inadequate information security may have serious consequences.

IBM reported the three main causes of a data breach: malicious attacks, system glitches, and human error.  Most organizations are susceptible to at least one, so discovering your vulnerabilities and focusing resources to overcome them is key in developing a security strategy.

The US Trade Commission provides a guide aimed at helping organizations enhance their data security. The five key principles they advocate are:

  1. Take stock. Know what personal information you have in your files and on your computers.
  2. Scale down. Keep only what you need for your business.
  3. Lock it. Protect the information that you keep.
  4. Pitch it. Properly dispose of what you no longer need.
  5. Plan ahead. Create a plan to respond to security incidents.

IBM also found that even the best internal security processes may fail if your third party vendors don’t take similar measures to protect your data. They report that the most costly breaches included third party involvement, like the breach of an AT&T vendor facility that caused $25 million in fines.

Despite this, many organizations often overlook security when selecting third party vendors, including their language services provider.

Language service providers with minimal security measures may expose you to unnecessary risk. These vendors come in contact with some of your most private customer information, such as credit card transactions, on a daily basis, so their security protocols deserve close examination.

To minimize risk and help narrow your field of search when selecting third party vendors, consider the following:

  • Do the vendor’s security standards match your own?
  • Is the vendor storing your data or disposing of it? Is this done securely?
  • Does the vendor have secure processes in place for financial transactions like credit card payments?
  • Does the vendor hold qualifications that indicate reliability, such as PCI compliance or ISO certification?

 

Businesses cannot afford to overlook the importance of data security. Focusing on security and being proactive with your strategy will reduce the legal and financial risks of potential data breaches. Your customers will thank you.

Voiance is a division of CyraCom and is the leading provider of language interpreting services to Fortune 500 companies, government agencies, and contact centers. Our internal audit group aligns our standards with our clients’ in the areas of data security, business continuity, and disaster recovery. Our large-scale interpreter centers enable compliance with security and confidentiality protocols, including increasingly rigorous consumer privacy laws. We utilize a secure process to ensure only authorized personnel can enter, employ both physical and electronic surveillance, and supervise adherence to regulations and client requirements. We receive regular audits for ISO 9001:2008 and PCI compliance, and our facilities successfully pass multiple, recurring client security audits.

New Case Study: Highly Effective Multilingual Support for a Fortune 100 Health Insurer  Download Case Study