Focus On The Document
Customers should not have to worry about a possible data security risk
- By Mia Papanicolaou
- Aug 01, 2016
Despite years of breaking news stories on security
breaches and the resulting reputational damage,
many businesses are still under protected when it
comes to data security. With 2016 promising to
surpass 2015 in both number of data breaches and
records exposed (4.3 million records so far), it’s vital
that organizations address the technology and
process gaps that may put customer data at risk.
Digital transformation is accelerating and as information
becomes far more accessible and valuable, data security needs
to be a top priority and not only within the IT department. According
to a February 2016 report published by IBM, “Financial
losses, reputational damage, national security concerns, to
name a few, characterize some of the core risks the C-suite is
taking serious notice of. Historically considered a technical issue
within the domain of the IT department, security is now a
central topic within operations, across the C-suite and elevated
at the board level.”
As data security receives the right level of attention, companies
all over the globe continue to adopt digital communication technologies
as a means to engage with customers. Part of the engagement transformation includes digital access to customer documents.
So, what is driving this digital transformation?
Businesses need digital communication technologies to address
customers’ demands for instant access to documents, wherever
they are, whenever they need them. These technologies also
offer a more cost-effective and efficient way to communicate,
enabling companies to provide the information that customers
want, when they want it; much faster and cheaper than printing
and mailing. Digital correspondence offers opportunities to
interactively engage with customers via the channel that the customer
prefer—email, web portal or mobile app.
However, providing ‘anytime, anywhere’ access to customer
documents, carries inherent data security risks. According to
another IBM report: “Forty-seven percent of incidents involve a
malicious or criminal attack, 25 percent concern a negligent employee
or contractor (human factor), and 29 percent involve system
glitches that include both IT and business process failures.”
To mitigate the risk of unauthorized access to your customer
documents, a business must address all of the above threats by
safeguarding the document itself from any type of breach incident,
be it a malicious attack, a human error or a process failure.
Documents Stored in a Repository
One of the most vulnerable points in a document’s lifecycle is when
it is stored alongside millions of other customer documents also
containing information that is valuable to a criminal. A document
repository containing identity information, financial accounts,
even healthcare information, is a tempting target for hackers.
Despite the risks, an organization is compelled to make these
documents available to all customer service channels (email, web,
mobile apps), and to do so, must store documents in a secure, yet
accessible vault.
One or two layers of protection in today’s digital world are
simply not enough—having multiple layers of security is critical.
A document management solution must provide protection
beyond network and database level security, so that even if the
document itself gets compromised, the data contained therein
is safe.
Documents Traveling Via the Internet
Confidential documents travel via the Internet all the time, but
should never be transferred “in the clear.” Although a single document
sent by email or downloaded from a web portal is not as
attractive a target for criminals as a repository, documents should
always be encrypted and password protected while in transit.
This not only protects the contents from an attack, but also
mitigates a human or system error in which a confidential document
is sent to the wrong recipient.
Documents Saved on a
Customer’s Own Computer
Likewise, providing only encrypted and protected documents
will assist consumers with safeguarding their information when
it resides on their own devices. An emailed document gets saved
automatically on different devices and would be vulnerable if the
device was hacked, unless saved in its protected
format.
The good news is that there are new and innovative
solutions in the marketplace that can
help companies to better fortify their customer
documents.
This article originally appeared in the August 2016 issue of Security Today.
About the Author
Mia Papanicolaou is the COO for Striata, Inc.