Identity theft and data breaches have become two major problems for consumers in recent years as more information is digitized, and more chances to expose it come along. But now new research suggests that businesses still aren’t taking these significant risks into account when outsourcing data.
Nearly half of all businesses that handle information about people, 46 percent, do not currently do enough to protect that information when sharing it to third-party organizations, according to a survey from Experian Data Breach Resolution and the Ponemon Institute. For instance, 65 percent of companies polled said they suffered a data breach involving sensitive information as a result of transferring it to another company, and 64 percent say such an incident has happened more than once.
“Many companies have higher standards for their in-house data security practices than they have for vendors that they enlist to hold customer information,” said Michael Bruemmer, vice president at Experian Data Breach Resolution. “The standards should be consistent, because not adhering to the same policies leaves companies vulnerable.”
Further, another 45 percent said that they thought negligence was the primary reason that such a data breach occurred, and 40 percent reported that these were the result of lost or stolen devices, the report said. Moreover, 56 percent of the companies that suffered these breaches only learned about them accidentally, while just 27 percent said that they were turned up as a result of standard security procedures. Only 23 percent said that the third party’s own security checks resulted in discovery of such an incident.
Only 49 percent of companies that shared data with vendors said that they actually monitor those other organizations’ security protocols in general, or are either unsure whether their company does so, the report said. Consequently, that lack of certainty can lead to companies facing a far greater risk of data breach that could cost them a significant amount of money and man hours to remediate.
Having personal or financial information exposed in a data breach can put consumers at significant risk of identity theft that could not only leave them with thousands of dollars in debt for which they’re not responsible, but also severely damage their credit standing, which can take months or even years to resolve. As a result, consumers should keep a close eye on their various financial documents to make sure no unrecognized charges or accounts are showing up in their name.