By Ian Cowley, Managing Director, cartridgesave.co.uk
Customer service is the mantra of so many businesses these days. However protecting your customer’s data is a huge part of customer care and is often overlooked.
What we do with each customer’s data is one of the most vital demonstrations of the value we place on a sale. So, demonstrating proper management of addresses, financial details and other sensitive information goes a long way towards securing trust in your brand. Here are some tips for best practices:
1 Update your encryption
While encrypting data is an obvious step for any business trading online, simply having a system in place isn’t enough.
Hackers are constantly finding new ways into the most secure corners of the internet. So if you value the data you hold, you must stay one step ahead.
Simply put, if your encryption system hasn’t been updated within the past year, it’s probably out of date and vulnerable. The same goes for firewalls. Make sure you have one and that it is regularly tested and updated by your internet provider.
2 Insist on strong passwords
Just like leaving valuables on the seat of a car, don’t make it easy for a hacker to get inside your system.
Minimise risk and insist staff apply a mix of upper and lower case letters, plus numbers, in a 16-character password at all times.
If your staff don’t think they’ll remember complex passwords, use management tools like One Password to record the cryptic password safely.
Similarly, consider using Google Authenticator for two step verification log ins. This places an extra locked door for your data to live behind. As well requiring a username and password, the Authenticator also generates a one-time password each time access is required which must be input.
3 Use your data access positively
We’d strongly recommend that if you trade online, your customers’ card details are not stored on your servers. This should be done by your payment service provider.
However, it is good practice to store customers’ email addresses. That way you can demonstrate how much you value what is stored by alerting customers if there is any unorthodox activity on their account, such as adding a new delivery address or a sudden change to their spending pattern.
4 Have an employee device policy
Today’s workers are likely to have work information, including customer data, on laptops and smartphones. Therefore, a company-wide policy regarding personal devices must be drawn up if you don’t already have one.
This would cover points such as informing you if a device is lost or stolen, granting your IT department access to perform regular checks on a device and insisting on all work-related files being zipped.
5 Choose external providers very carefully
Cloud storage is an increasingly attractive option as it removes the headache of storage and security from you.
However, if you are going down that road, do your homework on cloud providers first. Ask around to see who is recommended. When you speak to a provider, ask for testimonials or, even better, ask to contact some of their clients directly for feedback.
Include customer privacy in all discussions you have with a cloud provider, so you can be sure this is at the heart of the service you sign up for.