By: Shimon Brathwaite
May 28, 2021
The Importance Of Data Security
By: Shimon Brathwaite
May 28, 2021
Data security means protecting digital data from unwanted actions or unauthorized access by users. The failure to protect digital data results in a data breach, which can have a huge impact on the profitability of a business. On average this incident costs a company about $3.24 million and decreases the price of shares by 7% on average. About 60% of small businesses that suffer a data breach go out of business within 6 months of a data breach. If this wasn't worrying enough it's estimated that there is a new cyberattack every 39 seconds. If companies don't invest properly in data security it's almost a guarantee that they will face multiple data breaches and this will cause severe problems for the business.
The first thing to consider for proper data security is what information needs to be protected. In most cases is personally identifiable information (PII), which is any information relating to an identifiable person. This includes information like full name, address, social security number, etc. Any information that can be linked to an individual needs to be protected with appropriate security controls. Failure to protect this information can be a big deterrent for customers that value privacy. The loss of customers and the costs associated with containing and eliminating the cause of the data breach is what leads to the $3.24 million per data breach. Protecting PII means using technical controls such as encryption, firewalls, and proper network segmentation, but it also means using administrative controls. For example, you should make certain that the only employees that can access this information are those that need it to do their job. They should not be given any access to information beyond what is needed. Also, you should be sure to anonymize your company's information whether possible because even if the information isn't secured properly it can't lead to a data breach even if it's leaked.
In addition to the financial aspects, there are also legal/regulation reasons for investing in data security. Compliance regulations such as GDPR, PIPEDA, or HIPAA require that companies have certain security controls in place to protect their customer's information. Failure to comply with these regulations can result in fines, which can be very expensive in themselves but also potential lawsuits by consumers that are negatively affected by the data breach. In extreme cases, you may be prevented from operating your business or even face jail time. You must understand the security requirements for any regulations that affect your business and put those controls in place to meet the data security standards applicable to you.
In addition to protecting the information of your consumers, you should protect the information of your company. This means any intellectual property that you have should be given the proper safeguards so that it can't be stolen by any employees and given to competitors. This information should be given out on a need-to-know basis only.
Data security is an essential part of operating an online business. The cost of cyberattacks has been steadily growing over the last few years and has grown to a significant amount per data breach. Companies must understand the importance of data security and take the proper steps to prevent repeated data breaches, which would easily cost them millions of dollars in the long run.