You may have noticed the numerous news stories over the past few years about laptops with sensitive information being left on trains, in taxis and even those that were stolen from people's homes.
Many of these stories highlight that the data on the laptops (especially in the case of private individuals/businesses) was not encrypted, and therefore could be accessed by anyone who can work out your password (you do have a password on your user accounts right?).
If you don't even have a password protecting your user account on your laptop (or it's set to automatically log you in), accessing the data it contains is a simple matter of turning it on!
Could You Re-build The Trust?
If a laptop, owned by your business, containing the personal details of all your customers was either stolen or left in a public place, and someone managed to get access to your customer's data and then either use it to commit fraud or, depending on the contents, and how damaging it may be if it was made public, publish it. Could you re-build the trust you would have lost?
For most small businesses, the answer to this question is no.
You are not a large multi-national company the size of Sony, who even though they probably lost thousands of customers in the wake of the 2011 PlayStation Network breach, still has millions more it can call on. You are also probably not in the position where you can afford to lose customers, especially in the current economic climate.
Could You Re-build The Customer Base?
If you lost your existing customer database, and therefore lost most (or all) of your existing customers. Could you re-build your business by attracting new customers to replace the ones who feel their data is no longer safe with you?
Again, as a small business, the answer is no.
Although you may put procedures in place to protect your data following an incident, your existing customers would have taken to social media, outraged at the way you handled their information, and this would filter through to any new customers you may try and acquire to replace the ones who decide you can no longer be trusted, thereby making it even harder to attract them.
Could You Re-build The Brand?
If, through a failure to protect customer data, your carefully crafted brand image was damaged (as it would most certainly be). Could you afford the costs of the marketing campaigns, insurance premium increases and compensation claims that would be required to re-build your brand image?
Sony had to provide identity theft protection for all 77 million PlayStation Network users for 12 months, and even went so far as to re-brand the PlayStation Network in an attempt to distance itself from the damaged brand (which has since been re-established, but in a much less prominent position than before). Since then, it has been fined £250,000 by the ICO for breaching the Data Protection Act.
As a small business, it is doubtful you could afford identity theft protection for all your customers affected by a security incident (unless your customer database is very small), much less any fines that may be handed down by the ICO once their investigations are complete.
Why Encryption Matters
Encrypting your laptop and, if necessary individual files on it, can help ensure that, even if it is stolen, attempts to access the data will be fruitless, and result in the data being destroyed in the process.
This can go some way to reassuring your customers that, even though the data has been stolen, or misplaced, it is still safe. This would effectively negate any feelings of betrayal they may be feeling towards your company for allowing their personal information to be compromised, and would help to ensure that their faith in your brand is intact.
I'm not saying that encrypting your laptops is the only thing you must do, you must also ensure that staff who use them are aware of the importance of making sure that they don't leave them unattended, or forget to collect them from trains or taxis, but it will ensure that, when someone does misplace one, or has a theft from their home, your data and your customers are safe.
Leave a Reply