5 ways to protect your customer data in a post-GDPR world

Ensuring you have customer email marketing consents is just the beginning, says Paul Tarantino. There is plenty more you need to do to protect data

A recent survey showed that nearly one in five (17 per cent) of companies admitted they are still unsure as to what the benefits are of being GDPR compliant.

Many businesses have still not gained consent and yet are sending marketing emails. Moreover, some do not have the proper opt-out policies in place and many are still struggling to make sense of the point of GDPR at all. These businesses are at risk of receiving a fine equating up to 4 per cent of their annual turnover, a huge problem for the sole trader, man-on-the-street style business. But is this putting them at risk of more than a fine?

Worryingly, business cyber-crime is up by 63 per cent compared with 2017 and as former Cisco CEO John Chambers once said, “There are only two types of companies: those that have been hacked, and those who don’t yet know they have been hacked.” Being hacked is part of daily life, a new wave of criminal activity, and one your business need to protect themselves against. The most common types of cyber attacks are malware, phishing, SQL injection and “man in the middle” attacks. Without proper security in place, any of these cyber attacks could be imminent. With no GDPR compliant policies in place, companies could soon find their sensitive customer data is at the hands of a cybercriminal as well.

With small to mid-size businesses being the most common target, invest in knowledge with these top five simple and cost-effective ways to protect your data:

Phishing knowledge

Sending out fake phishing emails is a policy many companies are now adopting, making staff aware of the dangers of opening attachments from unfamiliar sources could protect your business.

SME Publications/ SME XPO 2024

Passwords and 2-factor identification

With 30 per cent of Brits using the same password for their email account as other online accounts, having a personal account hacked could lead to a company breach as well. Ensure all staff are made aware of the phrase “longer is stronger.” Make hackers lives hard by using characters, symbols, numbers  – anything other than Password1.

Not using public WiFi

Shadowing, side jacking and firesheep make public WiFi easy fodder for hackers.

Be aware of social media

Posting on social media is never secure and anything you put on there can be obtained by a hacker. Once you have “tagged” yourself into work with a few colleagues’ names, hackers have this information and if they have your social media password, it’s then not too much of a leap to get into your personal emails, your work emails, your calendar, anything.

Invest in cybersecurity

Making the leap to invest in cyber security is often a big financial ask for small businesses, but it is essential and could save you thousands in the long run.

Paul Tarantino is CEO of Consenteye

SME Publications/ SME XPO 2024