By Charissa Struble
It is impossible to avoid backlash if your customers’ private information has been compromised. Just ask retailers Target, TJ Maxx, and Michaels whose security breaches have affected millions of credit card customers. They’ll confirm that your suspicions are correct.
It’s hard to win the confidence of the public when the systems you have in place to protect sensitive data like names and credit card numbers have failed. It could be years before customers feel comfortable using their credit cards at retail terminals again. This is, in fact, very bad news for retailers, particularly because we live in a virtually cashless society.
If your business has experienced a security breach and you believe that your customers are at risk, the most important thing to do is to act immediately. The following tips will help you restore your customers’ belief in your company and its policies and procedures.
Here is the best way to deal with a possible breach in security.
Gather evidence to find out exactly what happened.
In order to fully address the problem, you have to understand when, where, why, and how it happened. This may be the most extensive thing you do but you need to investigate the breach. Your Internet Service Provider (ISP) can assist you with the task. If a crime has been committed and accounts have been compromised, you will need to contact your county or state computer crimes unit and the FBI to conduct a thorough investigation.
Consult a legal professional for advice.
If your server has been hacked or your customer list has been stolen, you have a legal obligation to handle the situation quickly. Contact a lawyer for advice before making an announcement to your customers, employees, and investors. You’ll also have to contact state authorities. There is up to 46 different state laws that need to be considered when there isn’t a federal data-breach notification law.
Speak out and speak often.
It is your responsibility to notify the public that their data has been stolen or tampered with. The sooner you do this, the better. It gives customers the opportunity to cancel bank and credit cards and to monitor their statements for unauthorized activity. As pertinent information is learned, share it with the public and make a representative from your company, often your lawyer, available to answer any questions that people might have.
Nip the problem in the bud.
Albeit costly, you must take every step that you can to eliminate the problem and to prevent it from happening in the future. One of the best ways to do just that is to shut down your website and remove infected hardware and software from your business. You may have to pay someone else to do damage control but it will be the type of investment that protects you and your assets.
Strategize and rebuild systems.
You are going to rebuild trust by creating Fort Knox-like systems to protect customer data in the future. Once you’ve discovered the source of the problem and worked to eliminate it, you are going to have to work around-the-clock to make sure it doesn’t happen again. If your business is spared the first time around despite a security breach, it won’t be the second time. People cannot back up a company that doesn’t take the necessary precautions to take care of their data.
Reevaluate security systems.
It’s better to be safe than it is to be sorry. You’ve been through it before so why would you want to go through it again? Take the time to make sure security systems are in place so you don’t have to go through a potential reputation-damaging situation again.
Security breaches are a reality that many businesses have to face. By preparing accordingly, you can deal with the situation in a way that minimizes the fallout. After all, your business is your baby and you’d go to any lengths to protect it, right?