The Republican National Committee hired Deep Root Analytics in 2017 to gather political information on US voters but didn’t secure the data. They had personal information on about 61% of the US population stored on an Amazon cloud server – with no password protection. It was exposed there, open for anyone to access, for about two weeks before a security researcher discovered it. A class action lawsuit, and a media storm of negative publicity immediately followed.
A company that acquires and manages personal information should know how to secure data. They were entrusted with sensitive information such as names, birthdates, home address, phone numbers, regions, ethnicities, and voter registration information, and carelessly stored them without password protection. A class action lawsuit immediately followed.
Your business may not have millions of personal records, but you need to secure data for your own customers, because their trust is important to you. And their information is gold to hackers.
How Your Business Could Avoid a Deep Roots-type Error
- Recognize What Data is Sensitive: While you don’t want any company data to become public, you do need to recognize that your customer data should be considered sensitive. Names, addresses, phone numbers, email address should always be kept secure. The mere fact that these people are your customers is a major piece of information for hackers, and they can sell that data to your competitors. If you have your customers’ annual income, social security numbers, date of birth, etc., you have to be even more careful about protecting them.
- Password Protect Your Customer Database. Your customer data should never be accessible to anyone without a password.
- Limit Access to Your Customer Database. Only the people in your company who absolutely need to access your database to perform their jobs should have access. Limiting access will reduce both unintentional and intentional data breaches by employees.
- Get a real security partner to assess your vulnerabilities and catch issues before they blow up into expensive and damaging problems. Call mPowered IT at 678-389-6200 and ask for a FREE VULNERABILITY ASSESSMENT.