Why Companies Ought to Protect Identity Data

By now you are probably sick and tired of hearing about the Equifax data breach. It seems to come up in every cyber news article since its revelation in September 2017. Even so, the cybersecurity community is talking about Equifax for a good reason - it was a wakeup call for organizations everywhere.

More than 145.5 million U.S. consumers were impacted by the data breach; the largest in history. If the credit reporting agency had done more to protect identity information, millions of Americans wouldn't have to worry about potential identity theft.

Below, CyberPolicy discusses the importance of protecting identity data. Remember that cyber liability coverage insulates businesses in the event of a data breach. Don't neglect this vital service.

What Hackers Want
The first thing we need to do is define what identity data really is. Luckily, this is easy to do. Identity data is any information that could be used to identify a specific user or consumer. This includes names, addresses, email addresses, social security numbers, and more. In many cases, a name, SSN, and birthdate are enough to steal someone's identity.  

Why should this matter to private businesses? Well, let's say your retail store is hacked by a point-of-sale scam. Cybercriminals infiltrated your POS system and are now using it to swipe your customers' credit card numbers. Once this is discovered by the public, how many folks do you think will still want to buy from your store? You see the problem.

But while stolen credit cards are bad news, stolen medical records are much worse. Hackers love to pilfer patients' healthcare information and resell it on the dark web. Digital black-marketers actually prefer medical records to stolen credit cards. Credit cards can be canceled and they expire. This is not the case for SSNs, names, or birthdates. If you run a healthcare practice, it's your job to keep patients healthy and happy. That's hard to do when you're opening them up to identity theft.

Of course, it's not just the retail and healthcare industries that need to worry. Literally, any company that stores customer data or hires employees needs to consider the risks of a data breach. After all, how would you feel if the company you worked for lost your personal information to a hacker? Not happy, that's for sure!

Keeping Data Safe
Now that you understand the severity of a data breach, you need to safeguard your business. Here is a handful of suggestions to better shelter personal and financial information:  

  • Protect your most sensitive data in an encrypted cloud. The cloud is much safer that on-premises storage solutions.
  • Hash and salt customer data. These obscure crucial information such as passwords, SSNs, and credit card numbers so that even if your cloud is hacked, the information cannot be read.
  • Silo your data based on who needs it most. Not every member of your organization needs access to identity data. Segment employee access based on a need-to-know basis.
  • Understand that not all data needs to be saved. Protect your customers by refusing to save some information. After all, it can't be stolen if you don't have it.

And finally, invest in cyber liability coverage. If you are hacked, you won't be stuck with the consequences alone. Visit CyberPolicy to explore your coverage options today!

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375