One of the best resources for any business is a well maintained archive of customer records. By monitoring and updating the details of clients, be they potential or longstanding, a business can tap into a market offering deals and sales based on an individual or groups particular circumstances. How that data is stored, however, can be the difference between success and a potential legal headache.
The onus of responsibility for protecting that data lies with the company holding it, i.e. your business. This can happen in a variety of ways but there are few definites that every company should consider. Firstly their network should be as secure as they can make it. This is a general one that covers so many different factors of a network but in particular firewalls and terminal security should be in place and regularly maintained. If everything is working smoothly then these should prevent intrusions from outside.
Equally as important is properly archiving old data and securing that. Many networks that have been in place for a while suffer from endless folders of files stretching back years. At some point, if only for the health of the system, these files should be removed a new archive and wiped away from general use. Ultimately this data should be encrypted and kept off the network so they can’t be accessed. In simple terms this can be achieved using encryption software and transferring the files over to an external harddrive that is kept securely. In this way the files will still be available but only accessible physically.
Holding customer information is equivalent to looking after money for a friend. If the money is stolen from a locked house then it’s not your fault, if you left the money lying in the street then you can’t defend your actions by saying you took every available precaution.
Posted to Network Security