And most of these alleged practices involve basic, fundamental security missteps.
Distilling the facts of those cases down to their essence, here are ten lessons to learn that touch on vulnerabilities that could affect your company, along with practical guidance on how to reduce the risks they pose.
Companies that consider security from the start assess their options and make reasonable choices based on the nature of their business and the sensitivity of the information involved.
Threats to data may transform over time, but the fundamentals of sound security remain constant.
As the Federal Trade Commission outlined in Protecting Personal Information: A Guide for Business, you should know what personal information you have in your files and on your computers, and keep only what you need for your business.
You should protect the information that you keep, and properly dispose of what you no longer need.
Perhaps when they’re registering online or setting up a new account.Experts agree on the key first step: Start with security.Factor it into the decisionmaking in every department of your business – personnel, sales, accounting, information technology, etc.Lessons from FTC cases illustrate the benefits of building security in from the start by going lean and mean in your data collection, retention, and use policies.Here’s a foundational principle to inform your initial decision-making: No one can steal what you don’t have.