Late last week, the New York Times reported that two small email providers that offered encrypted communications options to their clients chose to shut down and destroy their servers rather than disclose client information to the U.S. government (see 2 E-Mail Services Shut Down to Protect Customer Data).
The incident highlights two significant issues for small IT firms: the matter of data protection in the era of Edward Snowden and the (often overlooked) advantages small firms have over larger public companies. Here's a summary of the incident and a look at how these two issues might impact your IT business.
A Refusal to Share Client Information
The two companies in question, Lavabit and Silent Circle, offered clients ways to communicate securely. Both offered email encryption and Silent Circle also provided encrypted video and texting services.
Lavabit counted among its customers Edward Snowden, the former National Security Administration contractor who leaked sensitive documents and is now on the lam in Russia. After apparently receiving a secret search order from the NSA (disclosing receipt of such a letter is illegal), Lavabit's owner opted to close his company and destroy the information on its servers to protect his clients.
Shortly after learning of the Lavabit incident, Silent Circle's owners reportedly took similar measures, making it impossible for government officials (or anyone else) to access client information.
Protecting Client Information: What's Expected of IT Businesses?
Shuttering a business is an extreme step to take to avoid revealing customer data, but for some IT professionals, maintaining customer trust (even at the expense of losing an entire business) is more important than anything else. This is especially true of businesses like Lavabit or Silent Circle, which consider data protection a foundational part of the service they offer.
So what's expected of your IT business as far as data protection goes? If you don't primarily sell data security-related services or products, consider taking the following steps…
- Follow standard procedures for preventing data breaches: This includes using strong, regularly updated passwords, encrypting information as needed, limiting access to sensitive information, and investing in strong antivirus software.
- Educate clients about the actual exposure of their data: The Edward Snowden incident has brought data privacy issues to the forefront of the national consciousness, but some of your clients may be unsure what steps they can take to minimize their data exposure or why they would want to.
- Invest in third-party Cyber Liability Insurance: This policy won't help you if the government requests sensitive data, but it will allow you to cover the expenses of a lawsuit that results from a hacker or data thief gaining access to your clients' sensitive information.
- Recommend a first-party Cyber Liability policy to your clients: This type of insurance allows your clients to cover the costs associated with a data breach from hackers or cyber criminals so that they can maintain the trust of their clients. (Want more information about protecting yourself from a data breach? Read about the difference between third-party and first-party Cyber Liability Insurance in our blog.)
The Small-Business Advantage
As a small tech firm, you may find that you're often competing with much larger entities - and coming up short. But it's important to keep in mind that being small comes with some big advantages. Play your cards right, and you can win clients by playing these up.
So what are the small-biz benefits that might help you win new clients?
- Flexibility. Have a client who needs to meet outside normal business hours? No problem. You aren't beholden to operating hours mandated from above. Advertise this feature if you work with people who need you at odd times of the day and night.
- Excellent customer service. Chances are, you actually know all your clients by name. Use this to your advantage by treating them like associates: connect them with useful resources, send them personalized communications from time to time, and tailor your services to their specific needs.
- Speed. You don't have to follow corporate protocol to introduce new products, address problems, or change the way you do things.
- The ability to make bold decisions to benefit clients - and only clients. This is perhaps the most important advantage you have over bigger businesses with shareholders, and the one most clearly illustrated by the Lavabit / Silent Circle shutdowns. Remind your clients that you exist to serve them - in a way that bigger companies simply do not. Make the most of this advantage by informing your clients whenever you make a business change specifically to benefit them, and you'll build up crucial trust and loyalty. (These two factors are key to helping you protect your reputation, which many businesses consider a crucial asset.)
Writtten by Brenna Lemieux - check her out at Google+ or Twitter