How to keep customer data safe

Make sure your business meets the Data Protection Act requirements for keeping customer data safe. 

Here's our guide to the simple steps you can take to safeguard customer data.

1. Keep tabs on where customer data is stored

Adopt a clear, consistent policy for how your business stores customer data. 

Data should be stored in one central location with a regular backup schedule in place. 

Make sure that your employees do not save customer data on individual or personal PCs or mobile phones. 

If storing customer data on external hard drives or servers, these should be stored in a cool, dry room with secure locks to prevent theft. 

If storing data using cloud-based services such as on Google Drive, ensure you use secure passwords on your accounts and your wi-fi network. 

All confidential data should be encrypted too.

2. Limit employees who can access data

Allow only authorized access to customer data and ensure data is regularly backed up in case it is deleted or changed by staff. 

Set secure logins with passwords for servers and computers, with different access levels for staff to ensure minimal access to critical data. 

Strong passwords - with a mix of capital and lower case letters, characters and symbols should be used and changed monthly. 

Educate staff on the importance of keeping data safe and the potential risks from hackers or malicious software.

3. Install security software

Ensure your security is up-to-date and install anti-malware software and spyware protection to prevent hackers from accessing customer data. 

Set anti-virus software to perform daily scans for viruses that could erase your data or copy it and send it elsewhere. 

Only open emails from known senders and be cautious of suspicious web sites - if possible, limit access to web sites for staff using office equipment.

Firewalls are important to protect data from hackers. 

Newer Mac and Windows computers include firewalls, but make sure these are turned on. 

As your business grows, consider buying hardware-based firewalls, which are installed in office routers to prevent hackers getting onto company networks. 

Hardware firewalls are useful for protecting a network of computers that share the same network.

4. Regularly back up customer data

Storing data is only one place means files can be permanently lost, so back up your data regularly. 

Use a mix of strategies for backing up all your data, with more regular incremental backups that store only changed information. 

External drives such as CD, DVD and external hard drives can be used to store data, but have the potential to be stolen or break over time. 

Store backups off-site in the case of office disaster such as flood or fire. 

You can also back up data to cloud-based services such as DropBox, but be sure to ensure to encrypt any data stored with a third-party company.

5. Limit data transfers

Customer data is vulnerable to being stolen or hacked when shared or moved. 

Consider whether you'll be transferring customer files physically (such as on a memory stick) or electronically (such as via email or streaming).

Memory sticks are easy to lose, so transferring over a secure internet connection may be safer - although emailing customer data, even if protected by a password, is not considered safe as emails generally are unencrypted and so are easy to hack. 

Encrypt data before transferring and enable email protocols such as SSL and IPSec.

Learn more about entrepreneurship with our free online courses in partnership with the Open University.

Our free Learn with Start Up Loans courses include:

Plus free courses on finance and accounting, project management, and leadership.

Disclaimer: The Start -Up Loans Company makes reasonable efforts to keep the content of this article up to date, but we do not guarantee or warrant (implied or otherwise) that it is current, accurate or complete. This article is intended for general information purposes only and does not constitute advice of any kind, including legal, financial, tax or other professional advice. You should always seek professional or specialist advice or support before doing anything on the basis of the content of this article.

The Start-Up Loans Company is not liable for any loss or damage (foreseeable or not) that may come from relying on this article, whether as result of our negligence, breach of contract or otherwise. “Loss” includes (but is not limited to) any direct, indirect or consequential loss,  loss of income, revenue, benefits,  profits, opportunity, anticipated savings, data. We do not exclude liability for any liability which cannot be excluded or limited under English law. Reference to any person, organisation, business or event does not constitute an endorsement or recommendation from The Start-Up Loans Company, its parent company British Business Bank plc, or the UK Government. 

Your previously read articles