In 2014, Bell Canada was hacked and over 22,000 of its small business companies had their passwords, usernames and other sensitive information stolen. When a company as large as Bell Canada is hacked, it’s time to sit up and take notice. After all, if a company like them, with deep pickets and supposed access to the best security systems available, can be victimized in this manner, where does that leave the rest of us?
Companies like yours that collect private customer data, even if you’re using private data for the benefit of the public, need to be vigilant about protecting customer data and not exposing it to criminals. So how can you be sure you’re protecting sensitive data to the best of your ability?
Assign Security Levels to Employees
Take a page from the military and assign security levels to employees. Not everyone in your organization needs to have access to customer usernames, passwords, credit card information or other data. In fact, very few should have access to these things. You give your human resources manager a key to the locked filing cabinet holding employee information. Your customer data should be locked in the same way, within your organization.
To manage this, include security levels in your operating manual. Anyone below a certain level should never be able to view a customer’s private information. If a breach does occur, you’ll have a limited list of suspects to consider.