5 Tips for better lab data security.
Sure, it’s easy to blame Mark Zuckerberg for making the nation feel afraid to share data online. Especially in an election year. But, truth be told, it wasn’t that long ago that even the tech-savviest among us felt a little reticent to punch our credit card details into the ol’ internet or share personal information. And, as our internet usage evolved at lightning speed, we saw those initial fears play out again and again as corporations large and small have struggled to protect customer data. From Yahoo to Marriott, MyFitnessPal to Ashley Madison, Twitter to LinkedIn, data breaches have wreaked a ton of havoc on billions of people.
This is why we can’t have nice things.
Except … we can, as long as we understand that with great volumes of data comes great responsibility. If you’re considering a customer portal for your fluid testing laboratory, you’ll want to make sure you have your bases covered in terms of security. And, also that you have a plan in place if a breach does happen. The good news is that some of the simplest security measures can be the most effective. Take a look:
1. Keep your hardware safe.
First things first. Secure your hosting environment properly, abiding by NISC standards as closely as possible. This involves firewalls, monitoring, physically locked doors, escorted access, etc. If the portal contains sensitive data, ensure the data is encrypted at rest and during transit using the most up-to-date algorithms, such as TLS 1.2. There may be other guidelines depending on your what type of testing your laboratory does.
2. Consistently apply security updates.
Check portal software and hosting hardware on a frequent basis for security patches. This includes running a mainstream anti-virus software with definitions that are constantly updated. If a breach occurs because your lab got lazy with security-related updates, it can cause some serious cracks in your customer loyalty.
3. Limit access to data.
This applies to both sides of the equation – your staff and your customers. On your end, grant administrative access to software, hardware and data to only select personnel who are aware of security concerns. If someone leaves your company, remember to remove them from the portal. For customers, encourage permission-based access where they can control who has access to what layers. You may also want to recommend two-step authentication for added security.
4. Adhere to industry standards.
Sounds like a no-brainer, but make sure you are familiar with any standards such as OWASP or NISC that the portal software will need to abide by. Your software vendor will be able to help you make sure you have everything in order.
5. Manage data responsibly.
Only about a quarter of consumers think that companies handle their data responsibly. Make sure you’re quelling those fears by being clear and open about how you manage customer data. Data should be redundant in geographic locations or backed up on a consistent basis. Additionally, you should monitor and log all data, and customers must be contacted if there is any concern of a potential breach. Transparency is everything. Data breaches happen on occasion. How you handle one will determine if your customers still trust you. It’s best to tell them upfront what your action plan is should a breach ever occur.