Security: Part IV of the hidden costs of Exchange providers
Here’s where I’m really lucky: Unlike the previous posts in this series, I don’t have a personal horror story relating to data security. I do shop at Target and Home Depot, but I was fortunate not to experience identity theft or credit card fraud after they were hacked.
Still — when they sent me the breach notification emails, I read them closely and with great concern. Security is at top-of-mind for me—and, increasingly, for anyone in business.
Poor provider security can create major costs
As an individual, the cost of poor data security can be direct costs (such as paying lawyers to help me restore my reputation, or spending time on hold with credit card companies) as well as indirect costs (such as a decrease in my credit score that hurts my eligibility for bank loans).
If your business data is breached, it will also suffer direct and indirect costs. To name only a few:
- Damage to your reputation causes customers to lose trust
- As a result, you lose sales and turn over customers
- Legal fees spike as you attempt to remedy the problems or go after the culprits
- Your IT team invests time in lengthy reviews to tighten security or restore lost data
The security problem is elevated in regulated industries, like the healthcare or financial sector. In these sectors, investigation of breaches and irregularities will require eDiscovery: the process of extracting information from IT systems to support the investigation.
eDiscovery is a highly time-consuming process, especially if your people, processes and IT systems are not designed to support it. The workload will usually fall on IT staff’s shoulders. So now you have to deal not only with the breach itself, but also with all your IT resources diverted to eDiscovery.
Demand tighter security and better protection
Here’s what this means to you: you should demand very high standards of security and protection from your IT cloud services providers. Look for the following criteria when you make your choice:
- Email protection by a well-known vendor, like McAfee
- Encryption of data using proven methods
- Extra security features, like defense against phishing and malicious URLs
- Know where your data is stored, and demand redundancy
- An email archiving solution that will speed eDiscovery should the need arise