There are plenty of ways to keep customer data safe that don't involve the typical cybersecurity measures, which includes having antivirus installed on your devices, as well as firewalls and implementing strong password policies. Here we provide a few simple tips to protect customer data and personally identifiable information (PII):
Transparency - if you have a privacy policy in place, make sure it is available to your customers so that they know what you do with their PII. It's best to be simple, clear, and understandable to your customers. Let your customers know what you're doing to keep their PII safe.
Education - train employees on identifying phishing tactics and email scams. Healthy skepticism goes a long way.
Policy - consider implementing a removable device policy to minimize risk of infecting devices with malware or letting PII data go out. Have a strong policy in place for employees to report suspicious emails and other unusual activity linked to your
Limit Access - when it comes data, ask yourself, "Who really needs access to our customers' PII?" It's worth reviewing who has access in your organization to this kind of data, and determine if their position relies on it. Fewer people who have access means less of a chance for human error.
Stay Compliant - depending on the nature of your business, it's important to understand which regulations affect you. If you accept credit card payments, you'll need to stay PCI compliant. If you're a healthcare provider or business associate to a healthcare provider, you'll need to stay HIPAA compliant. Educational institutions funded by the government should follow FERPA. All of these regulations are in place to protect the rights and PII of consumers.