Focus On The Document

Customers should not have to worry about a possible data security risk

• By Mia Papanicolaou
• Aug 01, 2016

Despite years of breaking news stories on security breaches and the resulting reputational damage, many businesses are still under protected when it comes to data security. With 2016 promising to surpass 2015 in both number of data breaches and records exposed (4.3 million records so far), it’s vital that organizations address the technology and process gaps that may put customer data at risk.

Digital transformation is accelerating and as information becomes far more accessible and valuable, data security needs to be a top priority and not only within the IT department. According to a February 2016 report published by IBM, “Financial losses, reputational damage, national security concerns, to name a few, characterize some of the core risks the C-suite is taking serious notice of. Historically considered a technical issue within the domain of the IT department, security is now a central topic within operations, across the C-suite and elevated at the board level.”

As data security receives the right level of attention, companies all over the globe continue to adopt digital communication technologies as a means to engage with customers. Part of the engagement transformation includes digital access to customer documents.

So, what is driving this digital transformation?

Businesses need digital communication technologies to address customers’ demands for instant access to documents, wherever they are, whenever they need them. These technologies also offer a more cost-effective and efficient way to communicate, enabling companies to provide the information that customers want, when they want it; much faster and cheaper than printing and mailing. Digital correspondence offers opportunities to interactively engage with customers via the channel that the customer prefer—email, web portal or mobile app.

However, providing ‘anytime, anywhere’ access to customer documents, carries inherent data security risks. According to another IBM report: “Forty-seven percent of incidents involve a malicious or criminal attack, 25 percent concern a negligent employee or contractor (human factor), and 29 percent involve system glitches that include both IT and business process failures.”

To mitigate the risk of unauthorized access to your customer documents, a business must address all of the above threats by safeguarding the document itself from any type of breach incident, be it a malicious attack, a human error or a process failure.

Documents Stored in a Repository

One of the most vulnerable points in a document’s lifecycle is when it is stored alongside millions of other customer documents also containing information that is valuable to a criminal. A document repository containing identity information, financial accounts, even healthcare information, is a tempting target for hackers.

Despite the risks, an organization is compelled to make these documents available to all customer service channels (email, web, mobile apps), and to do so, must store documents in a secure, yet accessible vault.

One or two layers of protection in today’s digital world are simply not enough—having multiple layers of security is critical. A document management solution must provide protection beyond network and database level security, so that even if the document itself gets compromised, the data contained therein is safe.

Documents Traveling Via the Internet

Confidential documents travel via the Internet all the time, but should never be transferred “in the clear.” Although a single document sent by email or downloaded from a web portal is not as attractive a target for criminals as a repository, documents should always be encrypted and password protected while in transit.

This not only protects the contents from an attack, but also mitigates a human or system error in which a confidential document is sent to the wrong recipient.

Documents Saved on a Customer’s Own Computer

Likewise, providing only encrypted and protected documents will assist consumers with safeguarding their information when it resides on their own devices. An emailed document gets saved automatically on different devices and would be vulnerable if the device was hacked, unless saved in its protected format.

The good news is that there are new and innovative solutions in the marketplace that can help companies to better fortify their customer documents.

This article originally appeared in the August 2016 issue of Security Today.