IT risk management needed to uphold customer confidence

A company can suffer wide-ranging effects from a data breach or loss, including the cost to recover data and penalties levied by legal and industry organizations. However, perhaps the most damaging effect could be a hit to the company's reputation and a loss of confidence felt among customers.

Harris Interactive recently conducted research on behalf of SailPoint, a company that provides identity management services to demonstrate the importance of IT risk management. The firms' polled more than 6,500 adults in the United States, the U.K. and Australia to determine how they feel about the security of their confidential information. The results demonstrate how important data security is to retaining customers and bringing on new ones.

describe the image

"Consumers have reason to be concerned about the safety of their personal information and to question how effective organizations are at protecting that information," said SailPoint cofounder Jackie Gilbert. "In some widely publicized cases, the very basics of user access control were not put in place to safeguard sensitive data, making it child's play for intruders to gain access to it."

Given an increased number of breaches lately, many consumers seem to have become desensitized to incidents where confidential information is exposed or lost. Twelve percent of Americans, 8 percent of Britons and 8 percent of Australians said they feel it's common for financial institutions and retailers to suffer data breaches.

Still, consumers certainly aren't quick to forgive such situations. Twenty-six percent of Australians, 24 percent of Britons and 16 percent of Americans said they would no longer do business with a bank, credit card company or retailer if a data security incident exposed their personally identifiable information.

Furthermore, 16 percent of Australians, 14 percent of Britons and 10 percent of Americans said they would warn their friends and family against doing business with a company that has exposed or lost customer data.

"These companies obviously spent millions to recover from these data breaches, but the longer term and harder-to-measure costs will be the erosion of customer loyalty and decline in brand perception," Gilbert said.

Such effects may soon be felt by vending machine and gaming supplier Vacationland Vendors. It was was revealed that 40,000 visitors to water parks in Wisconsin and Tennessee had their credit card information compromised through point-of-sale modules supplied by Vacationland between December 2008 and May of this year. The company said its system was hacked.