A recent data breach at a Park ’N Fly in Oregon has the U.S. Secret Service called in to investigate. This could have a broad impact on consumers flying into and out of the state for years to come. Data breaches like these are becoming all too common and costly. In fact, in 2014, the Identity Theft Resource Center documented nearly 800 data breaches involving more than 675 million estimated records affiliated with sensitive personal information. To avoid becoming the next headline, five steps companies can take to mitigate a data breach in 2015.
- Know what to shred. The National Association for Information Destruction, Inc. (NAID®) recommends that all document coming into and out of the office on a daily basis need to be shredded. That includes:
- Proprietary details about your company Information about your competition
- Your client’s personal information including social security and health information, bank statements, credit card numbers, telephone and date of birth information
- Handwritten notes
- Develop a plan. Having a written policy in place that outlines proper procedure of what is considered company information and a guide for properly destroying it can avoid confusion and ensure compliance. Also, it’s a good idea to designate a champion of this document and initiative.
- Run background checks. Fourteen percent of all data breaches were the work of an insider according to an annual Verizon report, which counted 621 confirmed data breaches in 2012.
- Educate employees. Along with the hiring of trusted employees, training is another critical step in breach preparedness. Employees must be trained on handling private information as well as spotting instances of potential data breaches, like a phishing email.
- Plan for a disaster. The average total cost of a typical breach is $5.4 million in the United States. Companies should develop a plan that handles the financial side of a data breach as well as the communication. Both internal and external communication is necessary post-data breach. If customers are involved, their own protection involves changing bank account information, being more alert for phishing attacks, and frequently checking credit reports.
To ease public concerns regarding its breach, Park ‘N Fly is offering affected consumers 12 months of free credit monitoring services, a move that will cost the company thousands of dollars.
DataShield strives to protect company information by leaving nothing to chance. Contact our security experts today to develop policies and procedures related to the flow of information within a company. All businesses are at risk for a data breach, but protecting information is the first step to not falling victim.