The short answer to this question is: no. But if you ask the right questions, you can certainly lessen the chances that your personal information will be leaked in a company’s data breach.
Data breaches have been dominating the news in recent years and unfortunately, this will continue. From the Target data breach in 2013 to more recent data breaches at Facebook, JP Morgan, and various cryptocurrency companies, they’re a reality that’s here to stay.
However, there is some good news: there are some common sense ways that companies can help stop data breaches. Armed with this knowledge, you can ask the right questions of businesses before choosing to share your personal information with them.
1. Do they protect sensitive data?
Only a company’s most trusted employees should be able to access critical, personally identifiable data. There’s no reason for a receptionist to be able to view sensitive documents and information. By limiting the number of employees who can access important documents, the chances increase that such information isn’t exposed. So businesses should ensure that only a tight circle of top employees can access their most precious information.
2. Do they keep tabs on their vendors?
Every business deals with all kinds of different outside vendors. It’s never been more important to pay close attention to exactly who they are, what information they can access, and if the vendors have rights to sell your data. This mostly falls on a company’s IT department, which controls who can see what. What can you do about it? You can inquire about their outside vendor policy.
3. Do they train, train, and train some more?
Employees are often the source of data security breaches. Instead of one training class on cybersecurity, such classes should be held every quarter or even more often. Untrained employees can carelessly open a malware-filled email, so education about what to look out for is key. When it comes to data breach prevention, training is the name of the game. Does the business do a good job of training it’s employees?
4. Do they update their software?
This should go without saying, but to stop attacks before they happen, IT departments should regularly update software and install patches when possible. In terms of preventing a data breach, this makes them significantly less vulnerable to hacking. So you can ask about how up-to-date their software is.
5. Do they do regular security audits?
Regular audits on the state of a company’s security are key so that they can know where the compliance gaps are. Detailed security audits go a long way to identifying weaknesses.
A few common questions that come up in such audits are:
- Does your company have documented information security policies?
- Is your company’s management process effective? Are there escalation profiles and procedures and a plan in case of a breach?
- Does your company have an effective network security mechanism in place, for example, firewalls and IDS/ISPS?
So, ask whether they do regular security audits.
6. Do they use sophisticated passwords?
Company employees shouldn’t change their passwords once a year. It should happen more frequently. Whether working on a company-provided laptop or on a home computer, employees’ passwords should be nearly impossible to guess. Use of a sophisticated password manager is key, so ask about their password policy.
7. IDShield can help
Perhaps the biggest and most important step you can take when it comes to protecting yourself against the havoc caused by data breaches is to protect your Personal Identifiable Information. Yes, you can ask questions, as described above, but getting identity theft protection from IDShield is the ultimate way to battle data breaches and online thieves. The last thing you want is for a data broker to sell your identity.
IDShield offers best-in-class personal data monitoring, dark web monitoring, Social Security number monitoring, credit monitoring and privacy and reputation management and takes pride in its highly qualified team of professionals, including Licensed Private Investigators, who will help you should an identity theft event occur.
Sign up today for either 1 or 3 credit bureau monitoring plus one-on-one consultation.
IDShield is a product of Pre-Paid Legal Services, Inc. (“PPLSI”). PPLSI provides access to identity theft protection and restoration services. For complete terms, coverage, and conditions, please see an identity theft plan. All Licensed Private Investigators are licensed in the state of Oklahoma. This is meant to provide general information and is not intended to provide legal advice, render an opinion, or provide any specific recommendations.
