“We’ve been hacked!” Words almost certainly at the center of many CIO’s nightmares these days. The targets are sensitive information including much more than customer payment data or employee SSNs. It is literally anything a person, entity or even foreign government might use against you, your company or anyone else. And it’s your responsibility to protect it. It keeps happening in places it shouldn’t be, like Blue Cross, The Home Depot, Target and the United States Office of Personnel Management. News reports on hacking seem to multiply as each year passes.
Such attacks don’t only affect well-known national companies. A 2015 survey revealed that over two out of five midsize businesses suffered data breaches during the past 36 months. This figure rises to 56 percent if supplier-linked breaches are included, according to Claims Journal. These numbers suggest that executives at midsize firms must take this issue seriously.
Even when companies define security as a top priority, it’s not a simple matter. About 40 percent of database professionals don’t know where computers store some or all of their firms’ confidential data. This makes it rather difficult to fully secure the information. At the same time, most businesses fail to consistently monitor system access or perform audits of data security.
In addition to aiding identity thieves, security lapses can seriously harm your company. They often trigger government investigations or class action lawsuits. For example, the Bangor Daily News reports that Anthem faces legal action because the insurer neglected to encrypt personal details before an attack occurred. A 2013 data breach cost Neiman Marcus over $4 million, according to Adweek. Negative media attention may also encourage customers to go elsewhere.
Hacking can cause your business to lose millions of dollars, but it’s also expensive and complicated for your staff to prevent such attacks. Some firms have spent tremendous amounts of their information technology funds on security training and software. An increasingly popular alternative is to use IT outsourcing. Experienced contractors benefit from economies of scale and employ security professionals with extensive training.
Outsourcing frequently boosts service quality and affordability. A survey of IT businesses found that outsourced security successfully cut expenses for 76 percent of the respondents. Better yet, 94 percent experienced improvements in service. This kind of outsourcing also helps executives and employees focus on productive tasks. It eliminates the stress that people feel when they want to secure data but remain uncertain about the right techniques to employ.
A security audit performed by experts is a great first step in identifying your vulnerabilities. If you or your company are responsible for maintaining the security of sensitive data, engaging a security partner can be a valuable next step. ContinuServe is an Oracle Platinum Partner with a team of security experts versed in the best and latest security practices. To learn more about our security practice, contact us today.