Issue: It's easy, and tempting, for employees to access customers' and clients' financial data that you keep.
Risk: Victimized customers would abandon your organization in droves.
Action: Check your data security policy against the following list. Urge your executives to enact any steps that your policy is missing.
Con artists and hackers aren't the only threats to your customers' credit card numbers, Social Security numbers and other financial data.
Recent study: 46 percent of employees and managers polled by Harris Interactive said it's "extremely easy" or "easy" to steal customer data from company databases.
Our advice: Limit access to employees who have a business reason for seeing your customer data. Here are six more tips:
- Train employees to take basic steps to protect customer information. Let only trained workers handle calls requesting private data. Remind staff in print and in regular meetings that they can lose their jobs and be prosecuted for misusing data.
- Limit outside access to customer data by business clients and partners. If you share information with other organizations, require that they sign a contract restricting their data use.
- Plant fake entries, such as addresses and account numbers, in customer lists. Monitor them for unauthorized charges.
- Periodically review computer activity logs to spot unauthorized users and determine suspicious patterns of access.
- Dispose of outdated customer information. Store paper reports securely until you can shred them. Erase all data from computers, diskettes and hard drives if you decide to sell them or give them away.
- Require employees to sign an agreement consenting to obey your policy of protecting customer data.
Final note: Here are three online resources that provide advice on preventing ID theft and links to other such sites: