![[Jcount.com]](https://www.jcount.com/wp-content/uploads/2014/08/jcount150X50.png)
![[Jcount.com]](https://www.jcount.com/wp-content/uploads/2014/08/jcountstartupslogo1.png)
Back in 2015, Ashley Madison got hacked, and all of its customers’ data got released in full to the public. It was a massive breach of customer confidentiality that shook the dating and matchmaking world.
Ashley Madison is an extreme example, partly because of the media coverage. But the story highlights just how important it is that companies protect their customer’s information and data. With hacking and phishing on the rise, this is easier said than done.
According to Juniper Networks, cybercrime is expected to cost the US more than $2 trillion by 2020. That’s a staggering figure – around 10 percent of GDP. With customer protection becoming such an issue, what can startups do? Check out these risk mitigation strategies.
Get A SOC Report
Almost all modern businesses rely on external service providers. These providers do everything, from offer archive storage to provide email accounts. As a result, they have to be able to protect customer information fed to them. SOC reports, like the SOC report by Holbrook and Manter, ensure firms protect confidentiality. Typically, these audits are very much focused on IT, but they can branch out into other areas.
Boost Your Encryption Practices
One of the biggest flaws of many modern businesses is a lack of up-to-date encryption methods. Outdated methods can often be hacked in a matter of seconds. For instance, if your business uses WiFi, only use WEP or WEP2 encryption. Other encryption methods are no longer secure against determined hackers.
Establish A BYOD Policy
Allowing employees to use their own devices is an attractive policy for businesses. It saves on costs and helps to make their work more efficiency. But “Bring Your Own Device” policies put companies at significant risk. A study by EVault found that around a fifth of US BYOD employees had sensitive company data on their personal devices.
The solution is to implement a secure virtual private network on company laptops and mobiles. Businesses also need to have strong policies in place for disabling device access should any device be stolen.
Monitor Websites For Malware
Many companies inadvertently put themselves at risk by accessing compromised websites. Frequently web browsers and ISPs will warn people not to visit certain websites if they believe that they have been compromised. But these systems are not yet 100 percent effective. It’s a good idea, therefore, to use active malware monitoring software. This software investigates the code of a website to check for anything malicious. If it detects malicious code, the site will be blocked. Symantec Endpoint Protection and HackAlert are two examples of software designed to prevent malware infecting your network.
Never Store Sensitive Information
If you take payments online, you’ll collect lots of data, including CVV numbers and other credit card details. There’s often no need to keep this information after the sale has been made. So make sure that you regularly purge this information to avoid compromising customer security. Remember, the costs of a data breach far outweigh any additional customer convenience.
