Any business can suffer a data breach. Despite what you may think, they don’t only affect large organisations. It’s how you proactively react to very real threats of fraud that will determine how you regain trust after a data breach. Once trust is broken, it’s difficult to get it back.
You might assume that a smaller company wouldn’t be of any interest to hackers, but every business which operates online is open to the possibility of attack.
Of course, your first line of defence is to make sure that your anti-virus software is updated regularly and that you have appropriate security systems in place, but even those may not be enough to protect your data from attack.
A data breach will affect consumer trust and impact on business reputation, so if you’ve been unfortunate enough to experience such an occurrence, it’s crucial that you act quickly. The way in which you respond can go a long way to restoring the trust of your customers. However, you only have one chance to get it right, so it’s advisable to have plans in place from the outset.
Communicate honestly with your customers
Never try to keep quiet about a data breach as that will only harm your business reputation when the facts emerge. Appoint a member of staff, ideally from within your information security team, to represent the public face of your company as you deal with the fallout.
Go public with a carefully-worded statement, outlining the problem and indicating the steps that have been taken to resolve the issue. The faster you can respond, the greater the chances that your customers will react favourably.
Take steps to discover how the data breach occurred and then prepare a statement informing your customers of the issues. This could take up to a week, depending on the size and scale of the data breach, as it may take some time to discover exactly what went wrong. Your aim is to reassure the public that this was a one-off event that cannot now be repeated.
Bear in mind that, thanks to social media, news travels quickly, particularly bad news. So, there’s a good chance that your customers will find out about the breach through public postings. Try to pre-empt this situation by informing them personally about the problem, perhaps via email. This can go a long way towards restoring the good name of your business; after all, everyone is vulnerable online. It’s the way that you deal with the fallout that makes or breaks your company’s reputation.
Be sure to keep your customers informed about the steps you are taking to secure their data, to ensure that there are no repeats of the security breach. They will greatly appreciate being kept up to date with events and it will help to keep them on-side.
Reward loyal customers
It’s inevitable that a data breach will cost you some of your customers. And be prepared for your competitors to take advantage of the situation too, perhaps by trying to entice your customers to switch to them instead. The best way to challenge this is to offer a generous discount, or some other reward, to those customers who choose to remain loyal to your brand. It doesn’t have to be an expensive gesture, but your core customers will greatly appreciate it.
Tighten up on security
New business ventures often use a generic ISP for their online needs, but although this is extremely cost-effective, it offers very little in the way of security. When your business stores sensitive information about your customers, such as their email address, password and bank account details, a basic ISP simply isn’t sufficient. A Virtual Private Network, otherwise known as a VPN, offers far higher levels of protection against hackers, since data is encrypted, making it much harder to access.
What should a company do after a data breach?
Once security has been breached, you’ll need to take steps to ensure that such an event can’t occur again. This is the perfect time to look at your online security systems to find out what more your business could be doing to keep customer data safe and secure.
The type of software you choose will depend on the size of your business as well as your available budget. Do bear in mind that customer security is not an area in which you should be looking to make savings. Your customers are your most precious resource, so it pays to keep their data as safe as you possibly can, even if that works out to be more expensive than you had budgeted for.
If you can possibly afford the associated costs, it’s well worth appointing a data security expert to manage your online security. You don’t necessarily have to go to the expense of hiring a dedicated permanent member of staff. Security can be outsourced to companies who will overhaul your entire data security system, ensuring that no further breaches can occur. You can then arrange for security experts to check your systems on a regular basis, so that your data is fully protected at all times.