With the number of massive, high-profile data breaches that have occurred in recent months, there is a very good chance you have received at least one notice from a vendor letting you know that your personal data or account information may have been compromised or exposed. Without fail, those notices start with something to the effect of “Your privacy is our number one priority”, or “We value the security of your personal data above all else”. Please. If that were true, you wouldn’t be sending me the notice in the first place.
Do you really want to show me how much you value my privacy, or how much of a priority it is for you to protect my personal information? Try more proactive action to prevent it from being compromised or exposed, and less apologizing after the fact for your failure to do so. Honestly, with each passing data breach that makes the headlines it becomes less and less excusable for organizations to not take steps to put the tools in place to prevent data from getting breached.
I am not suggesting that the network itself should be impenetrable, or that laptops or portable storage drives should never be lost or stolen. Those things are not truly possible. But, with the right tools and security measures in place, a hacked network won’t expose sensitive information, and a laptop or portable drive in the wrong hands won’t mean that personal data is potentially compromised.
Doing the right thing up front will not only earn you my respect, and help you avoid having to send out those condescending notifications, but it is also significantly less costly than the consequences and fallout of a data breach.