Market research companies are faced with varying challenges and security threats when it comes to protecting their data. Over the last two years, there have been many breaches exposing millions of data records as cybercriminals have been targeting both the public and private sectors. According to IBM’s 2019 Cost of a Data Breach Report, the average cost of a data breach worldwide is $3.9 million. For the United States, that number soars to $7.91 million.
The burden of responsibility is widening as many international regulators are now holding organizations liable for any privacy or security breaches. As custodians of sensitive client data, market research companies have a responsibility to minimize the security risk for data both in motion and at rest.
Data in motion, as its name suggests, refers to information being moved from one location to another across the internet, along networks, or from storage devices or the cloud. Protection methods are particularly critical because this data in transit tends to be thought of as less secure than data at rest, which is information simply stored or archived on hard drives, devices, or networks.
Protecting data is critical not only for its own obvious sake, but also to reassure potential survey participants who might be apprehensive about participating in your market research project due to being aware of recent data breaches in other sectors.
Some recommended measures to be implemented include:
• providing staff with cybersecurity tools to ensure ongoing compliance with best practice policies and procedures;
• lowering risk exposure by implementing technology such as intrusion detection systems (IDS), intrusion protection systems (IPS), honeypots, and firewalls;
• regularly monitoring and auditing security procedures to meet developing cyber threats;
• implementing detailed security policies that entail procedures, rules, and roles so all staff members understand that data privacy and security are priorities (e.g. policies like handling procedures, usage, privacy, social media, and user responsibilities);
• keeping informed with all cyber-threat news, updates, and applicable security patches;
• investing in data-breach or cyber-security insurance; and
• conducting penetration testing—also known as “ethical hacking,” this the practice of testing a computer system or network to find security vulnerabilities that could be exploited.
Perhaps one of the most important data security recommendations comes down to always ensuring you are working with people whose approaches and practices you can trust. The Logit Group is continually implementing new measures that comply with industry best practices and address client concerns and requirements about data security and privacy while adhering to data protection laws.