Kroll Fraud Solutions Blog – A Dialogue on Data Security

Tip #4: Provide adequate privacy considerations for your customer incentive and online marketing programs

During this season, half the battle for retailers is simply gaining the customer’s attention. The most recent trend is the use of social networking and mobile phone apps to offer incentives, coupons, and general information to consumers – and, of course, to collect data. This is a wonderful opportunity, but it also leaves you with a lot of data to protect, and protect it you should. One of the driving costs of data breaches is the loss of business that comes as a result. According to Ponemon Institute reports, the abnormal customer churn (or turnover) rate resulting directly from a data breach is slightly higher than last year — up from 3.6 to 3.7 percent in 2010.

In last week’s post, we discussed why a company should have a security policy that addresses protecting the personal identifying information (PII) of customers and employees alike.  But information security policies are only as good as their execution by employees and administrators. Implementation of the information security policy, like all new ideas in group settings, requires buy-in by those who will participate – without it, the policy is mere words without deeds.

Millions of people have an online presence through various social networking sites and other communication channels – the ease with which you can share and find information attracts a lot of consumers and businesses alike. Of course, this also attracts scammers and identity thieves. A business that engages consumers through social media channels will most likely have a social media policy for employees. In the same vein, consumers should develop their own social media policies. Setting rules and guidelines before going online is a deterrent to making mistakes that can divulge sensitive information or personal identifying information (PII).