Posted inPCI DSS compliance
With yet another high profile data breach hitting the headlines this week, it emphasises the absolute necessity for organisations to protect customer data...
As it transpires, TalkTalk did not store customer card data. However, over the four days it took them to confirm whether card data was breached or not, the damage to their brand, reputation and share-price could be irreversible. This stresses the fact that card data theft is a very real security issue and one that can destroy businesses.
Even the mere hint that card data could have been at risk, reduced their share price by 40%. This has mostly recovered, but the reaction from shareholders and consumers was immediate and the negative impact on their brand reputation will no doubt be significant. The fallout will linger well passed the headline news stage for months to come as they appease fines, legal costs and restore customer confidence with unplanned resources.
The question is, with so much at stake, why do companies insist on storing customer data on their systems? Do they really need to hold bank details, card details, social security numbers and other confidential information?
The technology is also available right now to keep this type of sensitive information completely out of their organisational environments. But time and again at Eckoh, we come across businesses that would rather take the risk of being hacked, than make the investment to protect their customer's data - "We'll deal with it, if and when it happens!". But with the sophistication and complexity of hacking increasing every day, a data breach could happen sooner than they anticipate; and cost more than they bargained on.
Many of our clients are turning to tokenisation solutions to keep personal customer data out of their organisations altogether. As they see it, they just want to get rid of sensitive card data as they don't need it and don't want it. They can still keep transacting as they always have done, but do not need to keep anything that may attract hackers.
This TalkTalk breach has no doubt given merchants in all sectors another wake-up call to reassess their own processes. The reality is that in the next number of years...NO business will hold unencrypted data, but until then the companies that do, are playing Russian roulette.
Latest Blog Items
Wednesday, 19 February 2020 What if your contact centre was a car?Imagine, you buy a car and you buy a three-year care plan so all your servicing and repairs are covered. After three years you opt for an extended care plan for another two years - it's a bit more expensive, but the car is doing just what you need and you don't want to change.
Tuesday, 18 February 2020 Contact Centre of the Future Part 4 - PaymentsHow will customers make purchases via the Contact Centre of the Future? In the fourth part of our series, Ashley Burton, Head of Product at Eckoh, examines what's ahead for payments.
Tuesday, 11 February 2020 Challenge #5: Help when purchasers wobble at the checkoutAre your online customers getting cold feet on the final payment screen — and giving up? If so, there's an effective tool you can use to get them over line.