Corporate Social Responsibility and Data Protection
When a company suffers a cyberattack related to phishing or scam emails, how responsible is the business and its management for what has happened?
If the attack wasn’t a hack in the traditional sense, should they still be considered to be corporately responsible?
Corporate Responsibility represents a company’s commitment to manage its operations responsibly and in line with customer expectations. It relates to all aspects of business and, as a result, includes data protection and cyber fraud.
With GDPR now in operation, keeping client information safe is vital for any business, but should we also be responsible for ensuring that clients are more aware of threats to their information?
In a recent attack on Coast Capital Savings, access to clients’ accounts came from a phishing email sent to customers. While it is undeniable that the customers who were targeted gave up their personal information, the question that still needs to be asked is: would improved education have prevented hundreds of thousands of dollars from being lost?
How can you ensure that your customers are secure?
Educate them on security.
You can have the best in-house security in place, with the most up-to-date cybersecurity measures, but if your client base isn’t aware of how to stop potential security breaches, you may as well leave the back door to your offices open.
Encouraging your customers to regularly change their passwords and explaining why unique passwords are essential is one step towards becoming a more corporately responsible company.
Additionally, you could begin to educate them about phishing and scam emails by explaining what they should look for, for example:
- is the email addressed specifically to them,
- does it ask for password information,
- does it contain any of their account details?
With this information, your clients can begin to become more responsible for their online accounts.
Check to see how compliant you are.
Employing an IT support company to complete a GDPR compliance audit can pinpoint areas where you may not be meeting national and international privacy standards. They can also show you how to implement best practice, such as regular audits of information and staff training.
Showing that your business is taking steps to ensure that information you hold is safe from cybercriminals can improve customer satisfaction and trust in your business.
At Allteks, our IT security specialists can help you spot potential security risks before they become a problem for your business. Our proactive approach to disaster recovery and backup ensures you’re covered at all times.
If you are interested in receiving a free 2-hour review with our trained experts, please get in touch with the team at Allteks.