Why You Should Encrypt ALL of Your Data, Not Just Your Customers’

Businesses today are responsible for keeping the data in their care safe from hackers. There are two kinds of data that a business must protect: the information of their customers, and their own data (eg. company policies and employee information). Which of the two do you think the average business does a better job of protecting?

Surprisingly, studies show that companies invest more into protecting the data of their customers than they do their own data. InformationWeek summarizes a survey conducted by Vanson Bourne:

Nearly one-third of companies and organizations with 100-to-2,000 employees in the US, Canada, India, Australia, Japan, and Malaysia, say they don't regularly encrypt their employees' bank information, and 43 percent don't always encrypt human resources files. Nearly half say they don't routinely encrypt employee health information.

It’s rather shocking that so many businesses will leave such sensitive information unencrypted, meaning that, if a hacker (or a nosy person) were to get their hands on it, they would be able to easily read it. Encrypted data is essentially worthless to a hacker; without having the encryption key, the data will appear like a bunch of jumbled letters and numbers. For many businesses, the financial services used automatically encrypts customer data. However, regarding their own data (like employee health information), it’s the employer’s job to make sure it’s encrypted; which, let’s face it, is something on the proverbial to-do list that’s easy to let fall through the cracks.

Marty Ward, Vice President of Product Marketing at Sophos (sponsor of the survey), told InformationWeek, “That companies are prioritizing customer over employee data is not surprising. But it is surprising how much employee data is exposed out there, and [that they are] leaving intellectual property and financial data unencrypted."

Here are just some of the examples of data related to your everyday business operations that you should encrypt:

• Employee bank account information.
• Employee social security numbers.
• Employee health records.
• Company intellectual property.
• Company financial data.
• Passwords to company accounts.

If anything, companies should prioritize in encrypting their own data because there’s so much at stake. For example, compared to a customer’s credit card (which the credit card companies can cancel any charges that are deemed to be fraudulent), stolen Social Security numbers and employee bank account information can lead to major losses for victims that are irreversible.

The good news here is that encryption services are becoming increasingly easier to implement, which is why most of the organizations from the report said they have plans to encrypt their own sensitive data within the next one-to-two years. Do you have protections in place like data encryption that will ensure your company’s sensitive information is as safe as it can be? Give Preferred a call at 708-781-7110 and don’t take any chances with the important information that’s under your care.