In light of the recent scandals at a number of organisations, Natasha Cowan asks how companies can prevent their systems from being hacked.
Cyber attacks my sound like the plot to a Hollywood movie but recent events show just how dangerous faults in internet security can be.
Recently, Bluebox Broadband users were left devastated after a cyber security hack led to the publication of 3,000 customers, or potential customers, details online.
The hack is just one of a stream of attacks that have occurred in the last month, causing consumer trust in companies storing personal data to slip by 6%, according to a survey conducted by Deloitte. This is worrying, because if faith in technology organisations dissipates, whose function is to maintain data, then those companies very existence will be in doubt.
The companies’ recently targeted by hackers range from internet giant, TalkTalk, to toy manufacturer Vtech, which had its app store database, Learning Lodge, hacked on November 14.
Hackers have proved they can wreck the reputation of a company with the click of a button, highlighting cyber security as one of the evolving risks for business and their stakeholders.
With the ever-developing digital world comes more complex methods of hacking into customer databases. But one realisation from the TalkTalk scandal is that simple measures can be put in place to protect customers and make sure organisations stay ahead of these risks.
TalkTalk had failed to encrypt their customer data. This is one of the most important, and it has to be said basic measures taken to prevent hackers stealing the bank details and personal information from millions of clients. By disregarding customer safety the public lost faith in the company and stakeholder value plummeted.
As one of Talk Talk’s thousands of customers I saw this first hand. Not only did TalkTalk fail to alert the UK’s data protection watchdog when the attack first happened, but one week after the attack I still couldn’t access my account details to change my password and I received little information on whether my details were at risk. This was very poor.
One company proving the importance of tightened internet security is Crunch Accounting, the online accountancy firm for freelancers, contractors and small businesses. It combined the quality assurance team, developers and design team to create their new website. Also employed was a system administrator – who is able to think like a hacker– to help check the site.
By starting again with the latest technology, they were able to fill any gaps in security and build the site efficiently, helping them to meet a majority of their stakeholders needs.
When customers leave their data with a company the data becomes that company’s responsibility. It’s crucial to have a plan in place, fed down through good governance, to protect stakeholders from the pains and confusion of a hack.
The role of the quality professional is to protect reputation, facilitate continuous improvement and lay the foundations for good governance. Keeping stakeholders safe is vital. Companies could take heed by putting these ideas at the core of their management and risk operations.
Natasha Cowan is Content Creator at the CQI and writes for Quality World magazine.