When you hear the name Equifax, what comes to mind? For many people, it's the expansive data breach from 2017. It destroyed consumer trust. Keep customers happy and build lasting relationships by making sure you focus on security.

In 2022, Statista reported there were 1,082 data breaches in the U.S., and those breaches affected 422.14 million people. As of October 2023, there have been 694 data breaches affecting 612 million people. Progress MOVEit is one of the biggies. The secure MFT software is used around the world, and many of the organizations using it were affected, including the Government of Nova Scotia, Johns Hopkins University, Oregon DOT, Shell, UCLA, and United Healthcare Student Resources. More than 60 million individuals have been affected so far.

When a data breach happens, even if it wasn't directly caused by you, it impacts consumer confidence. Taking every possible step to prevent breaches and protect consumers' PII is essential. How do you do that?

Follow the Federal Trade Commission’s Five-Step Plan

The FTC has a simple five-step guide to protecting PII, which is an important part of gaining customer trust.

“Take Stock”

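Make sure you have a list of the PII your company stores in files, computer hard drives, and external devices. What devices contain PII? Don't overlook anything, and make sure the list always shows each item's most current location. If someone uses a device and takes it out of a storage room, they need to sign it out.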

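What information is sent to you at any point of the day? Even if the person sending the information is a one-time user or client, you need to know what information you're getting from them, any contractors, etc., and know the route that information takes to reach you. Where does the information travel, and how is it handled at each touchpoint?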

Know the laws that apply to your business or organization, too. If you have private medical data in your files, HIPAA laws apply. The Gramm-Leach-Bliley Act applies to financial and insurance companies. There are also state and EU laws that may impact you, so storing and using cookies may not be allowed without the user's consent.

“Scale Down”

Don’t store more information than is absolutely necessary. If you are selling products in an online store, there’s no reason to keep a customer’s age, race, or date of birth. You may think this information is important for marketing, but you have to decide what matters most to the business transaction. Storing too much PII is risky.

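Outside of subscription services, there's no need to store credit cards. You also are not likely to need a customer’s SSN. It's especially important to avoid tying this information to mobile apps. The more touchpoints and information you store, the more work it takes to ensure it's protected.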

At the same time, limit access to PII to those who need to access it. Your sales team may need to access credit cards, but someone in the distribution warehouse wouldn’t need it.

“Lock It”

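You've taken the appropriate steps and have a spreadsheet of where PII is stored and who accesses it, and you’ve scaled down the unnecessary information. It’s time to check your security measures. Make sure you're taking the utmost care in protecting the information your business needs to store.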

Paper documents need to be in fireproof, locking files. The same is true of thumb drives and external hard drives. Lock them in a room that only authorized personnel can enter.

Computers cannot be left on when someone goes to lunch or the restroom. They need to log off and turn off the screen. A computer sleep mode is worthwhile.

Make sure you have heightened security like firewalls, security suite software, and private networks that constantly monitor for threats. If you have to send anything, use encryption. Do not allow employees to download software. If they receive an email from a shareholder or manager asking them to click a link or open a file, they should not do so without verifying it’s truly from the sender.

Any software that is used has to be updated regularly. Turn on automatic updates for security software and run scans regularly. Set a schedule.

Another step is to make sure employees use strong passwords and turn on multi-factor authentication. The harder it is to get into software, the more secure it is.

“Pitch It”

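When a customer leaves or the information is no longer needed, destroy the data. If a computer breaks down or is no longer needed, do not donate, sell, or auction it without destroying the data. Data destruction is a must.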

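Paper documents must be shredded into the smallest pieces possible. Storage devices like thumb drives, external hard drives, and electronics such as smartphones or tablets should not simply be restored to factory settings. That isn't enough. You need a professional ITAD provider to ensure the data is destroyed to prevent any future access.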

“Plan Ahead”

Have a plan in place in case of a breach, theft, or other incident. You can’t guarantee that your office or store is never broken into. Ransomware is always a risk. If the worst happens, it's important to have a plan.

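If there is a breach, have steps for employees to follow. This may mean shutting down all computers and working manually for a while. Report the breach to the proper authorities immediately. Don't wait weeks or months to report a data breach or theft, and notify your legal team.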

Carefully Choose an ITAD Provider

Any electronic devices you have must be destroyed properly. If they still have value, data destruction must be part of the refurbishing process. Working with a highly rated, certified ITAD provider is essential.

When you choose an ITAD provider, there are some certifications to look for. Take a closer look at what they are and what they mean.

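  • e-Stewards – Electronics are recycled following measures that protect the environment, including processing and recycling all electronics locally without shipping them overseas.
  • NAID AAA – Data protection regulations, including security processes and procedures, equipment used, and employee training, all meet i-SIGMA’s rigid standards.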
  • R2 – Recycling practices protect the environment, support a circular economy by preserving resources, and keep workers safe and healthy.

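We are certified in e-Stewards, NAID AAA, and R2. Additionally, we are the first AICPA SOC 2 Type II certified company in the U.S. This certification is awarded to electronics recycling companies that effectively train employees in risk management and industry compliance.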

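By working with experts in data destruction, your customers' PII will be protected. You’ve done everything possible to prevent breaches and data theft. Plus, you'll have proof from us that you complied with laws and regulations. Talk to us about your ITAD needs, whether you need data destroyed at your office location or feel comfortable shipping it to one of our secure facilities.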