Make sure you have the right Cyber Security in place!
Could Your Business Be Open to A Lawsuit If Someone Steals Confidential Data From Your Systems Because of Poor Cyber Security?
The short answer is - YES, your Chicago business could possibly be open to a lawsuit if someone steals confidential data from your systems because of poor Cyber Security. There have been cases in the past where lawsuits were won because a customer was harmed through a company being hacked, and the company was found to have lax security. Meaning the company’s Cyber Security was not what it should be. There also have been cases in which the company sued employees for stealing customers or the company’s confidential data, and won.
One such example of this happened in 2009 when a hacker successfully hacked a bank and stole $26,000 from a customer in Chicago Illinois by obtaining a loan in their name. The couple sued the bank for failing to use state-of-the art security measures - and won. U.S. District Judge Rebecca Pallmeyer refused to grant a summary judgment in favor of Citizens Financial, stating in her ruling that "assuming that Citizens employed inadequate security measures, a reasonable finder of fact could conclude that the insufficient security caused Plaintiffs’ economic loss." So absolutely because of poor Cyber Security the Chicago company was found responsible.
Also in 2009, DuPont filed a lawsuit against a research scientist for breach of contract and misappropriation of trade secrets for stealing a large number of files. Hong Meng stole more than 600 files by copying them to a portable hard drive. So not only can a customer sue a company for the theft of confidential data, but a company can also sue an employee for the theft of confidential data. It makes sense that your Chicago company have the Cyber Security pieces in place to make sure you’re not vulnerable.
Tips on How to Protect Your Business’ Confidential Data and Improve Cyber Security!
There are steps a business can take to help protect itself against being sued for confidential data theft. Here are a few tips:
● Keep an inventory of all your computers, laptops, mobile devices, and other equipment so that you know where your company stores confidential data.
● Keep track of confidential data by talking with sales, IT, HR, accounting, and service providers.
● Pay attention to how you keep confidential data: Social Security numbers, credit card information, and other sensitive data.
● Use Social Security numbers only for necessary and legal purposes.
● If your company has a mobile app, make sure the app only access necessary data and functions that it needs.
● Follow the “principle of least privilege” by scaling down access to data.
● Store all documents, files, thumb drives, and backups in a locked room or cabinet.
● Require employees to put files away, log off computers, and lock file cabinets and doors at the end of the day.
● Implement access controls in your building.
● If you have any offsite storage, limit employee access to it to need-only basis.
● If you ship any confidential information using outside carriers or contractors, encrypt it and keep an inventory on what is being shipped.
● If you have any devices that collect confidential data like PIN keypads, secure them so identity thieves can’t tamper with them.
● Make sure to have an IT audit or IT security assessment to make sure that your company has the right pieces in place for proper Cyber Security.
If you want to get serious about using state-of-the-art cyber security for your business confidential data so you won’t be held liable in a lawsuit if someone steals a customer’s data, get in contact with us.
We follow all of the regulations and recommendations for securing personal and confidential business data, and are fully certified to meet all standards for corporate, medical, legal, and other types of business environments. There is no one better to trust with your information security than our team of IT professionals.
Pingback: Ransomware Attack Recovery for your Chicago Business
Pingback: Is someone in your Business IT Network that shouldn't be?