The Experian data breach involving T-Mobile customer data caused damage beyond one brand. In this video blog, we discuss how today’s business ecosystem frequently results in data sharing, meaning a single data breach could put multiple companies at risk.
When the information services group, Experian, was the victim of a data breach, it wasn’t the only company affected. The data stolen involved approximately 15 million T-Mobile customers, spreading the negative impact of the single breach across two organizations.
In today’s interconnected business ecosystem, most companies rely on third-party services to deliver their core value proposition. It is not an uncommon scenario for one brand to collect customer data and then share this information with other companies to accomplish vital day-to-day functions such as loan and service applications, customer service interactions and order fulfillment.
The network of service providers behind a single brand can make data security a complex challenge. The Experian, T-Mobile breach underscores the importance of including third-party vendors in your customer data security policies. Some of the ways companies can reduce the vulnerabilities inherent in third-party data sharing are:
- Encryption
Encrypt data at all stages including where it is stored, as it is moving internally and externally, as well as when the data is presented. - Limit Data Sharing
Don’t share data that is not absolutely necessary for the function being performed. For example, an order fulfillment employee usually doesn’t need credit card information or a customer service representative will not need social security numbers. - Centralize Security Enforcement
Consolidate rules for how customer data is shared and accessed to ensure that the policies are uniformly and consistently followed everywhere the data is used.
Data sharing is an increasing aspect of doing business in today’s digital world. It is no longer enough to ensure your customer data is secured within your organization to ward off a data breach. Adequately protecting data requires carefully controlling how you share data with your service vendors, including a particular focus on what information can be accessed and by whom.
Register for the Oct. 20th Webinar featuring award-winning author Chris Surdak. Seizing the Data Crush Opportunity with Customer Identity Management.
