laurencem

By: laurencem on May 29th, 2018

Print/Save as PDF

4 Confidential Information Mistakes to Avoid

Cybersecurity | Managed IT Services

Nearly two out of three adults in the United States have fallen victim to some form of data theft, according to Statista, and most of those victims had their confidential information compromised. To keep customers safe, managed IT services providers recommend steering clear of these four dangerous mistakes.

entering confidential information into the system
Any of these mistakes could potentially expose your customers’ confidential information.

Mistake #1: Using Social Security numbers for unintended purposes.

login informationSocial Security numbers should only be used for required purposes, such as reporting employee taxes. Social Security numbers should never be used as account numbers, customer numbers, or employee numbers. If your organization currently uses Social Security numbers in this way, it's urgent to change your policy and issue new identification numbers.

Mistake #2: Allowing all employees to access confidential information.

accessEmployees should only be able to access the personal information they need to do their jobs. Restrict employee access according to specific job functions, and review this access regularly as responsibilities change.

 

Mistake #3: Retaining customer credit card information longer than necessary.

credit cardKeep a customer's credit card account number and expiration date only as long as you have a crucial business need for it. Then remove it from your system. The longer you keep that information, the greater the risk that it could be used to commit identity theft or fraud.

 

Mistake #4: Collecting unneeded information through apps.

applicationsWhen developing an app, your team should have guidelines on exactly what information the app needs to access and collect. It's a common mistake to collect too much information by default. Instead, make sure that your app accesses only the information it needs to operate.

Remember: Hackers can't steal confidential information you don’t have.

Your organization is responsible for protecting any information that you collect and retain. That’s why it's important to avoid gathering any personal information unless you have a legitimate business need for it.

Keep any confidential information in your files only as long as necessary. Once the need has passed, remove the information from your system. Doing so not only protects your customers but also protects your organization from liability.

Protect your customer information with managed IT services.

Intelligent Technical Solutions is a leading managed IT service provider with the tools to protect your customer information and your entire organization. Contact ITS today for a free security audit.The Whys and Hows of an Engaging Cybersecurity Awareness Training Program