Businesses have never needed to address data security more urgently than they do now.
The constant stream of data breach headlines pertaining to some of the biggest companies in the world indicates the fever pitch we’re reaching.
A recent data breach at the Australian Red Cross, for example, left over 1.2 million blood donor data records exposed, seriously hampering efforts to encourage people to sign up to the donor scheme.
More worryingly, it was the largest data breach in the country’s history, which indicates a general worsening trend in the scale of such attacks. These incidents are causing a great deal of damage to consumer relations and trust levels.
In the data breach age, where data security is inextricably linked with customer satisfaction, these incidents are creating panic among consumers and as a result confidence is taking a hit.
In fact, research earlier this year into the state of consumer confidence in data privacy revealed that security fears stop half of UK consumers sharing their personal data.
>See also: 8 urgent data protection laws for business
What’s more, over half are reclaiming access and plan to share less data over the next 3 years, while a third claim nothing could incentivise them to share their data at all.
As businesses attempt to win back customer trust, there’s another critical party to keep happy – the regulators.
Customer demand for more effective data protection is a key driver in the approved EU General Data Protection Regulations (GDPR).
As the volumes of personal data being handled by organisations across the globe increase, so do the levels of regulations to contend with.
Worryingly, those who fail to manage and protect sensitive information today can receive a hefty fine of up to 4% of global revenues for non-compliance – a sum that could severely impact business viability.
What’s more, following the UK’s decision to exit the European Union, companies operating in the UK will have to have an extremely thorough view of their data to ensure they can navigate the potential complexities which will develop if the UK puts its own data regulations in place.
Defend the data, not the door
With data security now firmly established as a crucial differentiator for companies looking to attract new customers and retain their existing base, the spotlight must be turned on existing security practices.
Although effective to a degree, many of the firewalls and anti-virus applications traditionally used to maintain data privacy are insufficient to provide the complete protection that modern digital consumers require.
Regardless of the industry, organisations need to ensure that they adopt a data-centric security programme, prioritising defensive actions based on the movements of the data itself, rather than simply trying to erect a border strong enough to keep out intruders.
>See also: Big data vs. privacy: the big balancing act
Rather than treating data as a single entity to be protected, they must track and trace the proliferation of information across the organisation to understand how it was created, whether it is secure and where it is propagated.
Only with that deep metadata can they ensure the right measures are in place to protect personal data effectively, to meet regulatory demands and allay security concerns.
In the end, this kind of approach will go much further towards guaranteeing income streams. Commercial activity can be seriously damaged by a leak, so good security is an investment in the viability of the business.
Repairing the communication breakdown
However, bolstering security measures is only half the battle.
To reassure customers and secure access to data in the long-term depends on taking proactive steps to build trust.
Companies need to boost consumers’ confidence in their products, services and security measures by listening to what they want and responding accordingly.
Social media companies have demonstrated to a great extent the way forward on this issue by providing users with a greater sense of autonomy over their data.
Consumers are increasingly vocal in their demand for control over how their data is stored, archived or deleted across social networks.
By giving them more control over what happens to their data, businesses can restore faith and demonstrate effective communication.
For example, a major part of Snapchat’s USP is the deletion of images after 10 seconds, with consumers enjoying the sense of anonymity and privacy which this brings.
>See also: Privacy Shield: how to comply when data regulations go off-road
However recent rumours that these images were stored in the company’s servers damaged that relationship, prompting fears of covert data stockpiling.
The company was quick to reassure customers that this was not the case, repairing the rift.
Openness and honesty are key when it comes to security communication – letting customers know exactly where their data is, and if possible, giving them the final say over whether it is stored or deleted.
Keeping control
Ultimately, businesses are competing on customer service, rather than price.
As a result, consumer purchasing decisions are now heavily influenced by how trustworthy an organisation is, the investment it has made into data security and how it acts in the event of a breach.
As those concerned watch new data breaches play out in the headlines and monitor the changing regulatory landscape, the organisations who succeed in mastering data protection and breach resiliency will be the ones to turn the tide on consumer trust.
Sourced by Greg Hanson, vice president worldwide presales consulting, Informatica