Open Enrollment | Subscribe to Target Marketing HERE
Connect
Follow us on
Advertisement
 

How To Prevent a Customer Data Breach Disaster ... and What To Do When You Fail

March 2, 2011 By Heather Fletcher
Get the Flash Player to see this rotator.
 

1. Data classification: Audit the data being retained, where is it stored and how it should be destroyed. "Today, marketers collect, use and append a great deal of data, yet often do not have the discipline of knowing what is stored, who has access to it or where it is stored. ... They need to employ measures to protect the data (i.e. encryption) that is in transit (moved to service providers or employees) or at rest (stored or archived), and data that is in use."

2. Implementing data loss prevention technologies: Ninety percent of breaches can be prevented through best practices. According to Spiezle, "there are several best practices that are often overlooked or not adequately maintained," including:

  • use of Secure Socket Layer (SSL), an encryption protocol for Internet communications, for all data collection forms;
  • extended validation SSL certificates for all commerce and banking applications;
  • data and disk encryption;
  • multilayered firewall protection;
  • encryption of wireless routers;
  • default disabling of shared folders;
  • dual factor authentication to limit or control access;
  • security risks of password reset and identity verification security questions;
  • upgrading to browsers with integrated anti-phishing and anti-malware;
  • email authentication to help detect malicious and deceptive email and websites;
  • upgrading to current browsers;
  • enabling privacy and data collection controls;
  • automatic patch management for operating systems, applications and add-ons;
  • inventory system access credentials;
  • remote wiping of smartphones; and
  • use of Domain Name System Security Extensions (DNSSEC).
3. Creating an incident response team, which should have:
  • a corporate officer or executive with broad decision-making authority;
  • representation of all key internal organizations;
  • "first responders" available 24/7, in the event of an after-hours emergency;
  • a spokesperson trained with media and incident response who has a deep understanding of operations and security;
  • a team of appropriately trained employees;
  • someone who has access and authority to key systems for analysis and back-up;
  • the appropriate authority and access to management to take actions that may require higher-level approvals; and
  • a summary of key contacts, including after-hour numbers for both internal and external contacts, outside legal counsel, and the PR agency.
4. Creating a project plan that addresses:
  • Who, internally and externally, needs to be informed and when?
  • What data do you or your partners hold and how have you protected it?
  • What changes need to be made to your internal processes and systems to help prevent a similar breach from reoccurring?
  • How damaging will the loss of confidential data be to your customers or partners?
  • How damaging will the loss of confidential data be to your business and employees?
  • What level(s) of law enforcement should be involved?
  • Are the answers above the same for all of your customer segments?
5. Who needs to be notified? Should you notify stockholders, consumers, partners, regulatory agencies and/or law enforcement agencies?

6. Drafting and communicating responses: "The goal is to create templates and draft documents, Web pages, FAQs and other supporting materials in advance," says Spiezle. Those can include:  
  • internal communications;
  • partner communications;
  • phone scripts;
  • on-hold messages;
  • spokesperson training;
  • email and letter templates; and
  • website and FAQs.
7. Providing assistance and remedies to customers or partners affected by the data breach: "This can range from credit reports to ID theft mitigation services," says Spiezle. "The need is based on the breach type and information disclosed."
 
 

SPONSORED CONTENT

MORE ON DATABASE & CRM >>

FROM THE BOOKSTORE

As important as email marketing is, being an expert at it is no easy task. But do not fret. Email Marketing 2014 provides the trends and best practices you need to follow. You'll find: 21 email trends charts featuring data from Who's Mailing What!Analysis of 11 effective cross-channel emails Best practices covering everything from email copywriting and design to data, metrics, CRM, deliverability and more4 email case studies Email Marketing 2014 Trends, Best Practices & Case Studies

As important as email marketing is, being an expert at it is no easy task. But do not fret. Email Marketing 2014 provides the trends and best practices you need to follow. You'll find: 21 email trends charts featuring data from Who's Mailing What!Analysis of 11 effective cross-channel emails Best practices...

ORDER NOW

This PDF book explores a range of marketing metrics and seek to help marketers to answer such questions as:  What metrics to use to determine whether your marketing/advertising programs are accountable? And is it a waste of money, hence a danger to the company, if your marketing strategy and executions are not accountable? How to calculate how much you can afford to spend to acquire a customer or make a sale. And how can you calculate the customer’s lifetime value? How to understand the relative economics between customer acquisition, retention and CRM. How to measure the funnel process and which improvements will have the most impact.Your download of this book will also include model templates that you can use to immediately calculate and increase profitability for all your marketing efforts.  Profiting from the Magic of Marketing Metrics

This PDF book explores a range of marketing metrics and seek to help marketers to answer such questions as: What metrics to use to determine whether your marketing/advertising programs are accountable? And is it a waste of money, hence a danger to the company, if your marketing strategy and executions...

ORDER NOW

 

COMMENTS

Click here to leave a comment...
Comment *
Most Recent Comments: