The high cost of data loss

We try to exercise due caution when posting sensitive personal information on the Internet. We try and stick to reputable companies that guarantee site security. But even the best security systems in the world can’t defend themselves against human fallibility or the lure of easy money.

Data can be lost in a number of ways: hardware can be stolen, sensitive documents may be left lying around, sensitive information can be sent by post and lost, stolen or be otherwise waylaid, and information can be sold to the wrong people. In one instance in the US, it was routine practice for the employees of a well-known health care system to take tapes home to perform data backups. One staff member left the tapes in the car, and crime being what it is they were stolen, right in front of the employee’s house. The upshot of the incident is expected to cost between $7 and $9 million, not including the potential lawsuits from disgruntled clients whose social security numbers and bank details were on the stolen tapes.

Lost data costs the companies responsible more than just money. They lose time investigating cases. They lose momentum, as they have to take a step back to analyse their systems and procedures. But the cost to their reputations and credibility far outweighs any other consideration. Once trust is lost, it’s virtually impossible to win back. Victims of data loss don’t wait around to be bitten again. Having learnt about security the hard way, they are likely to investigate their options and move to companies that place more emphasis on security than any other feature.

There are few laws in place that regulate company responsibility and client reparation in instances of data loss, which is why civil lawsuits are so abundant. Most clients have to rely on the integrity of companies, and hope that they will be notified when breaches of security occur. Honesty is always the best policy, not least because clients deserve the opportunity to initiate protective measures, such as setting fraud alerts on credit cards and bank accounts.

Being upfront about security breaches and the steps taken to address them goes some way toward allaying client fears and retaining their custom. Clients feel that even though the company is fallible, admitting as much shows strength of character. While acting quickly to address the problem increases their confidence that companies have their best interests at heart.

Data lost through negligence or ignorance can be combated by proper staff training and monitoring. Not to mention fair remuneration packages. More diligence and caution should be exercised when negotiating with new partners or outsourcing services. Before signing any contracts you should ask yourself whether you’d be prepared to trust any newcomers with your personal information. Putting yourself in your clients’ shoes is the least you can do for them.

It’s also worthwhile to increase your budget to purchase top of the line security systems, or hire “expert” experts who’ll develop the best security systems tailored specifically for your business. A little extra money at the outset could save your business in the long run.

The introduction of fines and other penalties for companies that lose data is slowly leading toward a culture of accountability in the online business world. It’s no longer enough for companies to point helplessly at outside forces when their defences are breached. They need to be proactive when it comes to protecting all their information. Their professional lives depend upon it.

Recommended sites:

http://www.informationweek.com/showArticle.jhtml?articleID=183700367

http://weblog.infoworld.com/techwatch/archives/010868.html

http://www.securityfocus.com/columnists/462

Sandra wrote this article for the online marketers MVI Data Recovery data recovery one of the most successful data recovery companies in the UK today.