Almost every day we hear about companies or organizations whose data has been compromised through various types of security breaches. The consequences of a security failure can be extremely damaging to a company’s reputation, very expensive to correct, can incite legal actions, or as a worst-case scenario – be fatal to a company’s future. How certain are you that valuable customer information is stored safely within your company’s system? Here’s a checklist you can refer to that will help you ensure that your data is protected and that internal processes are both secure and compliant with international guidelines. The elements of the list are standard features and operating practice for all Contact Boss subscribers and serve as useful information for any organization looking to enhance their data privacy compliance.
- System logins: A key step in data protection is the capability to record all access points to the CRM system. Knowing who has logged in, when and from where provides a confidence level for managers and creates a sense of accountability for all within your organization.
Contact Boss automatically keeps a record of all recent logins, including IP address and geo-location, allowing for easily retrieved, up-to-date tracking of system accesses. The reports can be generated by date, user, or browser or operating system and also just by using a keyword. As well, a multi-factor log-in process can be implemented for greater data protection at the access point, guaranteeing that all users have obtained the necessary permissions
Access to some sensitive data may require specific restrictions, and CRM software should be customizable to allow for levels of access according to system-defined parameters. Employee access permissions can easily be added, new passwords or security questions set or removed through basic settings at Contact Boss’s CRM.
- Audit trail: It’s possible that a loss of data may be related to database updates. At Contact Boss, all changes made within the system are recorded using a sophisticated audit trail which notes updates to all records within the system, meaning any changes can be identified by user and content. Take a look at this video to learn more about the audit and login trails provided by Contact Boss.
- Secure https is the new standard: Now, most website developers looking to build sites that are secure and designated HTTPS, providing data privacy for users and preventing tampering in all interactions, not only sensitive or financial interactions. Also, more and more often that HTTPS standard is a requirement for the installation of many applications. Google developers explain further Why HTTPS Matters.
- Safe storage of data: Once your company has collected its valuable set of customer contacts, it is important to protect the data to the highest degree. Fail-safe means to protect the records is crucial both for the benefit of the customers and for the future of the company. At Contact Boss all data is scheduled to be backed up once per week and stored in the cloud ensuring protection against hard-drive failure, device theft or cyber attack.
- Secure payment process: Contact Boss subscribers enroll via Brain Tree Payments (A Paypal Service), which keeps your transaction secure.
While Contact Boss software is North American based and does not require compliance with the recently passed EU General Data Protection Regulation, business owners should be aware that if they are collecting data from anyone in the EU, they should take a look at their responsibilities regarding data privacy. That advice goes for any company handling customer information and research data from any source, and we also recommend a careful review of Canada’s regulations regarding data privacy. The fact that Contact Boss’s infrastructure is based in North America provides extra peace of mind for many of our customers. Our online clients are becoming more concerned about their privacy every day, and showing that your operation has established solid protocols that are compliant with guidelines and regulations is certainly well-advised.
Adding a line somewhere about our infrastructure also running from North America may be beneficial