What Retailers Can and Should Be Doing to Avoid a Disastrous Breach
With data breaches becoming a daily event in all industries – retail, government, healthcare, large corporations among others – what can retailers do to help their customers feel comfortable about handing over credit card information when they make a purchase? This applies to online and offline shopping environments. It’s a scary time for retailers because it was big news when some very large retailers were in the headlines for data breaches. If it can happen to them, it can happen to any retailer of any size.
The issue of cybersecurity will never go away with continued advancements in technology and growing reliance on computers to complete business transactions. Cybersecurity will only to continue to be a priority for any company, retail or not. And customers expect the businesses they patronize to be taking all the necessary steps to secure the data they collect from customers.
The minimum standard today to be secure is to have an
incident response plan in place and a cyber-insurance policy.
Communication, both internally and externally, is a key factor in the battle of cybersecurity. Companies need to be sure they are clearly communicating the importance of cybersecurity and the seriousness of the issue to their employees. They must communicate that they expect every employee to take it seriously too. If there is a breach they must communicate with their customers about the breach and what steps they are taking to mitigate damage.
Smart retailers take the following steps:
- Update technology like payment terminals
- Collect information only when necessary
- Have processes in place to secure personally identifiable information
To have a strong security position, key elements are:
- Employ a Chief Information Security Officer (CISO)
- Have a preparedness plan that is updated
- Practice your plan at least twice per year
- Encrypt data
- Train employees on security protocols