These days, it seems like hardly any time passes between headlines about the most recent data breach. Consider the revelation in late September that a security intrusion exposed the accounts of more than 50 million Facebook users.

For that matter, not much time goes by without a new survey or study that confirms the difficulty of data security. Forbes recently reported that US businesses and government agencies suffered 668 million security intrusions and data breaches in the first half of 2018 alone. It’s no wonder consumers have little faith in organizations’ abilities to protect their data. Only 20 percent of US consumers completely trust organizations to keep their data private.

No business is immune to data breaches, but that doesn’t mean you can’t do everything in your power to prevent them. By taking proven, sensible measures to ensure data security, your enterprise will not only tighten its defenses, but also promote trust among customers.

Here are five steps your organization can take that will demonstrate to consumers that you’re committed to data security.

1. Encrypt sensitive information.

Many industry regulations require certain data be encrypted, but it wouldn’t hurt if your organization considered safeguarding other types of data too. Almost anything can be encrypted. There are the obvious resources: email, SMS messages, user names, passwords and databases. Other sensitive data, such as intellectual property and the personal data of customers and employees, can also be encrypted.

Before considering encryption, review whether a particular type of data would cause financial harm and reputational damage to your organization if someone exposed and manipulated it. Encryption isn’t foolproof, especially if the key to encryption falls in the wrong hands, but it is a first-line security step that can show customers you take these matters seriously.

2. Optimize backup and recovery.

Most enterprises have data backup and recovery plans and likely rely on some form of disaster recovery (DR) technology, whether it’s offsite servers or a cloud service. But is it effective enough to boast about? An organization can’t make any stated commitment to protecting customers’ data if it’s at risk of losing it.

Because cyber incidents usually happen without notice and can go undetected for days, weeks or even longer, it’s critical to restore data to its clean, pre-breach condition. It’s a complicated process, but cutting-edge, purpose-built resiliency technologies can automatically recover data to its correct state and enable enterprises to find their footing quickly after a breach.

3. Promote compliance and transparency.

This year, organizations around the world started abiding by the General Data Protection Regulation (GDPR), a European Union standard for the handling of customer data. The GDPR essentially puts the power in consumers’ hands, enabling them to control how their data is stored and managed. It’s a thorough and detailed mandate for any organization, no matter where it’s based, to properly handle European citizens’ data.

Companies that comply with GDPR should use this compliance to their advantage by promoting how they collect, use and store consumer data. Asking users to review privacy settings or agree to a laundry list of new standards won’t effectively relay the steps you’re taking on their behalf. Instead, organizations should separately promote the many ways they follow GDPR and other compliance standards in easily consumable marketing materials. This will show customers that the organization is serious about its commitment to protecting personal information.

4. Consider cyber insurance.

In its annual study on the expenses of cybercrime, Ponemon estimates that the global average cost of a data breach has increased 6.4 percent over last year, climbing to an average $3.86 million in 2018. Those high costs have prompted many businesses to view cyber risk insurance as a critical investment.

Businesses that want the support of insurance should look for a policy that covers common reimbursable expenses. These might include a forensics examination to review the data breach, as well as monetary losses from business interruption, crisis management costs, legal expenses and regulatory fines. Hopefully, your enterprise won’t face many of those costs, but cybercrime is unpredictable. The peace of mind that insurance can provide you and your customers is worth the cost.

5. Work with a data security expert.

It’s not easy deciding which technologies and data security management strategies will work best for your organization. There are many technologies and strategies to implement. With regulations such as GDPR increasing expectations, don’t take any chances with customer data. Work with a data security expert that knows the lay of the land and already has insight on potential changes that would affect how you safeguard information.

Customers have an increasingly endless array of options to choose from on the digital market, so you might get only one chance with each consumer. Win their loyalty by demonstrating how you can expertly handle and preserve their data.

Learn about more ways IBM can help your organization secure your cloud platforms by registering for the guide to securing cloud platforms.

Was this article helpful?
YesNo

More from Financial services

How fintech innovation is driving digital transformation for communities across the globe  

3 min read - To meet the demands of today’s consumers, enterprises must be continuously innovating. But innovation doesn’t happen in silos. Fintechs, for example, have been transformational for the financial services industry, from democratizing finance to establishing digital currencies that revolutionized the way that we think of money.   As fintechs race to keep up with the needs of their customers and co-create with larger financial institutions, they can leverage AI and hybrid cloud solutions to drive true digital transformation and meet these evolving…

Accelerate hybrid cloud transformation through IBM Cloud for Financial Service Validation Program

5 min read - The cloud represents a strategic tool to enable digital transformation for financial institutions As the banking and other regulated industry continues to shift toward a digital-first approach, financial entities are eager to use the benefits of digital disruption. Lots of innovation is happening, with new technologies emerging in areas such as data and AI, payments, cybersecurity and risk management, to name a few. Most of these new technologies are born-in-cloud. Banks want to tap into these new innovations. This shift…

Enabling GRC solutions for risk management  

5 min read - Risk management functions at financial institutions have typically relied on the same technology solutions for their organization for many years. Today, when risk management functions are faced with managing increased regulatory scrutiny and decreased budgets, many leaders are looking for new solutions, which can provide greater efficiencies and risk insights for holistic risk management. Specifically, we’ve seen firms question whether their current technology solutions:  Create meaningful value and insights for their institution, or are they merely check-the-box activities  Are mature…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters