TechRadar suggests an interesting data security thought experiment: imagine that you actually had to pay more money to store protected personal information. In other words, if you wanted to store customer addresses, contact info, or transactional data, your company would have to pay an additional charge for each piece of data.
If that were the case, businesses would want to minimize their cost. They'd minimize what data they stored, deleting old addresses, unnecessary marketing information, and other data that was no longer useful. But as it is, companies hoard this old data – especially now that marketing departments are keeping massive stores of "big data."
Why does this matter for IT consultants? When clients keep unnecessary data, they actually increase your professional liability. The more data they have, the more expensive their data breaches will be and the more likely you are to be sued for these costs.
What can you do about these risks? To answer that question, let's look at…
- How to limit your risk of IT lawsuit (aka your professional liability).
- What to teach your clients about data security.
- What resources you can use to reinforce good data security habits with clients.
How to Limit IT Liability and Prevent Data Breach Lawsuits
You should invest in information technology insurance (Professional Liability Insurance) to pay for data breach lawsuits. But you should also try to prevent data breaches by teaching your clients best practices for their data management.
This advice is especially timely – not just because of all the recent data breaches – but because "big data" has become a marketing buzzword. Many of your clients probably opt to keep as much information about their customers as possible, figuring that even if that information is old and they don't have an immediate use for it, it may be useful later on.
Hoarding unnecessary data only increases your client's risks. Unlike the situation in the thought experiment, your clients don't see that they're paying an additional "cost" when they store this personal information. But they are paying a cost: cyber risk. The more personal data they have, the bigger their risk of an expensive data breach.
What to Tell Your Clients about Data Storage: Don't Be a Hoarder
As it turns out, big data also means big liability.
Say that malware attacks a client's network and steals their protected data. Remember all that old, useless marketing data your client was holding onto? Well, your client will have to contact everyone whose personal information may have been exposed. This increase in data not only increases the cost of a data breach, but also their liability as any customer can sue them if they're a victim of identity theft.
We're not saying that big data is bad. It's not. Big data marketing is great. But some businesses can fall into a trap, keeping troves of useless data, when they should be streamlining it instead.
2 Resources that Will Teach Your Clients the Real Cost of Lost Data
We began this article with a thought experiment, but let's look at some real-world ways you can get your clients to think differently about their data.
- Share the TechInsurance customer education packet. We wrote this resource with your customers in mind. It explains basic information about data breaches and identity theft, and it shows small-business owners what they can do to improve their data security.
- Educate your clients about the cost of a data breach. Many clients are afraid of a data breach but probably don't even know what to do if their business is hacked. Show your clients their state data breach laws and help them build a plan to protect their data. They should be ready to fulfill their legal requirements if a security breach occurs.
In some ways, ignorance is the biggest enemy an IT consultant faces. By getting clients to understand the real cost of data breaches (and their legal responsibility to protect data), you'll get them to invest in better IT and limit their risk exposure. Streamlining data and only keeping what's necessary is one way to accomplish this.
Have questions about your IT risk coverage? Contact a TechInsurance agent for help.