Data Breach Collateral Damage
We all know the evolving stories of popular retailers and their disastrous data breaches. The obvious discussion point is the financial impact of the breach - fraudulent use of consumers' credit card data and the impact on end users' credit, to say nothing of the constant monitoring (and worry) of all their accounts. There are a number of tangential effects of a serious data breach for institutions, as well as end users. These effects go way beyond the financial impact, and the industry should look to address them.
First, consider the impact on institutions that have experienced a breach. The reputations of retailers whose data breaches have been reported recently are being questioned along with consumer trust. That's not something that can be easily remedied, and it will take a long time before consumers again start to trust these retailers with their personal data. This is an indirect financial impact that will affect the retailers for years.
The associated impact of being a publically traded company also comes into play. When investors know the organization's reputation has been sullied by a data breach, there is bound to be a negative impact on how they view the company and invest, according to their long-term view of company viability. It's an intangible that many companies are concerned about, but the reality is that little can be done.
It's important to be transparent and proactive with services like consumer credit monitoring, because once damage is done, it's harder to regain a position of trust with consumers. Users who once wouldn't have thought twice about using a retailer's online services now will weigh their options, and potentially could take their business to a company that hasn't experienced a data breach – although, as time goes on, those options are dwindling.
By changing the focus to consumer – and the impact a data breach has on them – we find areas most people don't tend to think about, but need to be aware of. First and most importantly, of course, is the financial impact. It's important for consumers to take advantage of any credit monitoring services offered; consumers are expected to take ownership.
As a credit consumer, there is a need to keep an eye on any and all transactions charged to all sources of credit. It's the only way to be 100 percent certain of all charges. Credit card companies have gotten better, and continue to improve in the area of fraud detection, but there is nothing like your own oversight and missing charges Google App Store, Domino's Pizza and JDate.com that you didn't initiate.
Other information usually associated with user accounts, which can be negatively impacted, as well, includes things like email, physical addresses, social network names, and any other usernames and passwords (because, like most people, many consumers reuse usernames and passwords). Hackers and data thieves have gotten more intelligent about using associated data for their benefit.
The good old days of simple credit card data theft are gone – today consumers and retailers have much more to worry about. While not a foolproof solution, maintaining different and strong passwords for each external account is a practice both retailers and consumers should be employing. It's especially important to change those passwords every couple of months or so. It may seem like a lot of work, but there are services that can help you maintain your passwords properly.
Why be concerned about these seemingly inconsequential pieces of information? Because hackers now can set up bots on computer and access email addresses as a source of SPAM. With little consumer information, hackers can mine LinkedIn data, Facebook friends, photos, posts, etc.
It's a whole new world out there. It's a big data world where information can be linked, and, many times, data breaches mean consumer information has been compromised. The faster retailers and consumers act to change all the information associated with a data breach, the better off they'll be. In the meantime, it's important for both retailers and consumers to remain diligent, ensure security and be ready to act quickly in the case of a data breach.
Tim Sedlack is senior product manager at Dell Software, responsible for the complete product lifecycle of Dell Software's security and compliance toolsets and provides assistance to customers and strategic partners around the world.
First, consider the impact on institutions that have experienced a breach. The reputations of retailers whose data breaches have been reported recently are being questioned along with consumer trust. That's not something that can be easily remedied, and it will take a long time before consumers again start to trust these retailers with their personal data. This is an indirect financial impact that will affect the retailers for years.
The associated impact of being a publically traded company also comes into play. When investors know the organization's reputation has been sullied by a data breach, there is bound to be a negative impact on how they view the company and invest, according to their long-term view of company viability. It's an intangible that many companies are concerned about, but the reality is that little can be done.
It's important to be transparent and proactive with services like consumer credit monitoring, because once damage is done, it's harder to regain a position of trust with consumers. Users who once wouldn't have thought twice about using a retailer's online services now will weigh their options, and potentially could take their business to a company that hasn't experienced a data breach – although, as time goes on, those options are dwindling.
By changing the focus to consumer – and the impact a data breach has on them – we find areas most people don't tend to think about, but need to be aware of. First and most importantly, of course, is the financial impact. It's important for consumers to take advantage of any credit monitoring services offered; consumers are expected to take ownership.
As a credit consumer, there is a need to keep an eye on any and all transactions charged to all sources of credit. It's the only way to be 100 percent certain of all charges. Credit card companies have gotten better, and continue to improve in the area of fraud detection, but there is nothing like your own oversight and missing charges Google App Store, Domino's Pizza and JDate.com that you didn't initiate.
Other information usually associated with user accounts, which can be negatively impacted, as well, includes things like email, physical addresses, social network names, and any other usernames and passwords (because, like most people, many consumers reuse usernames and passwords). Hackers and data thieves have gotten more intelligent about using associated data for their benefit.
The good old days of simple credit card data theft are gone – today consumers and retailers have much more to worry about. While not a foolproof solution, maintaining different and strong passwords for each external account is a practice both retailers and consumers should be employing. It's especially important to change those passwords every couple of months or so. It may seem like a lot of work, but there are services that can help you maintain your passwords properly.
Why be concerned about these seemingly inconsequential pieces of information? Because hackers now can set up bots on computer and access email addresses as a source of SPAM. With little consumer information, hackers can mine LinkedIn data, Facebook friends, photos, posts, etc.
It's a whole new world out there. It's a big data world where information can be linked, and, many times, data breaches mean consumer information has been compromised. The faster retailers and consumers act to change all the information associated with a data breach, the better off they'll be. In the meantime, it's important for both retailers and consumers to remain diligent, ensure security and be ready to act quickly in the case of a data breach.
Tim Sedlack is senior product manager at Dell Software, responsible for the complete product lifecycle of Dell Software's security and compliance toolsets and provides assistance to customers and strategic partners around the world.