All store owners, no matter if their establish is tangible or ecommerce, need to have crisis plans in place. This applies to many different aspects of business, from a fire exit escape route to a big server crash. Data leaks are a real possibility when you’re working primarily online, so they’re definitely something all companies need to plan for.
The question is this: how do you plan for a data leak? What are the steps that need to be taken after something like this happens? While it’s important that every business make decisions that are best for their structure and purpose, there are some very obvious dos and don’ts when it comes to your data leak reaction.
Do: Own Your Mistake
Unless you have the most state of the art data system in place, it’s likely that you aren’t actually doing everything possible to keep customer data safe. Small businesses aren’t expected to have the security in place that Fort Knox has, but that doesn’t absolve them of any blame when a data leak infiltrates their flawed safety system.
Even if you are doing everything possible to secure your data, customers don’t see it that way. They trusted you with their information and you couldn’t keep it safe – that’s something to apologize for in and of itself. Because of this, it’s important that any announcements you make about the issue ackno0wledge fault.
Don’t: Keep Consumers in the Dark
A kneejerk reaction might be to keep things hush-hush and hope the data leak doesn’t lead to any major harm. This is a big no-no.
For instance, say this is the approach you take. A few months down the road, suddenly a disturbing trends pops up – people who shopped through your Shopify store are finding their email address used in a large online dating service that’s trying to bill them for something they didn’t purchase. All threads lead to your store as the data leak source, and you admit that yes, a data leak did happen – five months ago.
How does this look? When a data leak happens, the correct response is to tell consumers as soon as possible, and keeping them updated frequently instills trust in your business’ competence.
Do: Promise to Do Better
Not only should you promise to do better, you should actually follow through on this promise. If a data leak springs from your company, something has to be wrong with your security systems. The Rewind Vault has systems in place that keep all of our client’s customer data protected, and your store should have something similar.
First, identify the issue and explain it as plainly as possible. From there, assess what can be done to prevent this happening in the past. Correct the problem and people will trust you again.
Don’t: Let Known Issues Fester
When you know that there’s a potential for data vulnerability, nip it in the bud. Many companies assume data breaches won’t happen to them, so problems related to security go unsettled for long periods of time. The longer these problems go ignored, the more likely it is that someone will steal and leak your business’ data.