5 Ways to Keep Your Client Data Secure

You can't run your business without collecting personal and financial information about your clients. Yet, if sensitive data falls into the wrong hands, it can lead to fraud and identity theft.

April 1, 2010

Given the cost of a security breach — losing your customers’ trust and perhaps even defending yourself against a lawsuit — safeguarding personal information is just plain good business.

1. Take stock of what you have. Know what personal information you have in your files and on your computers. Understanding how personal information moves into and out of your business and who has access to it is essential to assessing security vulnerabilities.

2. Secure your Web applications. Pay particular attention to the applications on your Web site through which you collect information and consumers request information. These can be vulnerable to a form of hacking known as injection attacks, in which a hacker inserts malicious commands into your online form. Once the commands are in your system, the hacker can grab your data.

3. Secure your points of connection. It’s one thing to secure your computer system; it’s another to secure the devices and applications that connect to it. These include laptops, cell phones, and your Web site. If your laptop has been compromised, it can open a door into your system. 

The same thing applies to vendors who provide data processing or other services on a contract basis. If their computer is compromised, they can infect yours when they access your system. You’ll also want to limit storage of your sensitive information to only computers that don’t connect to the Internet.

4. Don’t trust just anyone. Your security measures are only as thorough as the people who work with you. Assistants and team members must agree to uphold the confidentiality of your sensitive information and participate in training on keeping your data secure. If there’s ever any doubt, withhold their access to sensitive data.

5. Think about physical security too. Many data compromises happen the old-fashioned way — through lost or stolen paper documents. Often, the best defense is a locked door or an alert employee. Store paper documents, sensitive files, and backups in a locked room or file cabinet.