Preventing Data Breaches In Your Business

Posted on

Jan 18th, 2018

Category

Blog

Share on

Businesses today collect and store massive amounts of data about customers, employees, and competitors. This data usually stays within the confines of the company’s local network, but there are cases where it ends up in the wrong hands.

Data breaches can happen to any business, whether it’s an enterprise or a small business. The key to avoiding one is to ensure need to have a proper process for managing sensitive information.

What is a data breach?

A data breach is an incident that leads to the unauthorized release of private information such as intellectual property, personal health information (PHI), trade secrets, and personally identifiable information (PII).

Offenders commonly use data breaches to get credit card numbers, social security numbers, and healthcare histories, as well as company information, such as software source code, customer lists, and manufacturing processes.

A 2017 study by Security Metrics found that the average organization was vulnerable to security breaches for 1,549 days. What’s even more surprising is that 97% of businesses had firewalls in place at the time of compromise, and at least 15% of firewalls did not meet PCI requirements.

The longer it takes to find a breach, the higher the cost will be. Research from IBM shows that the average price of a data breach in 2016 was about $4 million. However, this cost went down to $3.62 in 2017 because the average time to detect a data breach decreased to 66 days from 70 days.

Recent data breaches

In the past ten years, there have been more than 300 data breaches involving both large and small companies.

Below are some the most notable breaches of 2017:

Yahoo

In 2013, Yahoo had a data breach that led to three billion compromised accounts. Everyone with a Yahoo account at the time was affected, but the company didn’t disclose the hack until 2017.

The breach exposed usernames, email addresses, hashed passwords, birthdays, phone numbers, as well as security questions and answers. Yahoo later confirmed that hackers were not able to get credit card information associated with each account, nor were they able to steal passwords.

Nissan

Nissan Canada is another company got hit with a data breach in 2017. Their breach mainly targeted customers that financed their vehicles through Nissan Canada Finance and INFINITI Financial Services Canada and affected 1.13 million customers.

Nissan Canada found out about the data breach on December 11 but didn’t tell customers until December 21. “We immediately began taking steps to make sure the breach happened, everyone is now being contacted,” a spokesperson at Nissan Canada said.

Equifax

The Equifax data breach of 2017 was perhaps one the most publicized breaches of the year. It affected 143 million consumers and lasted from mid-May through July.

Hackers got access to people’s names, social security numbers, birth dates, addresses and, in some cases, driver’s license numbers. They also managed to steal 209,000 credit card numbers and the personal information of 182,000 people living in the United States, the UK, and Canada.

How to prevent data breaches

Below are three things we recommend you do to prevent your company from falling victim to a data breach.

Train your employees

Create procedures and policies describing how employees should manage private data and then train your employees on the rules. You should also encourage them to follow basic best practices such as logging off their computers, encrypting shared folders, and locking their offices at the end of the day.

Protect your data

Always use a safe location or device to store records of private information. Restrict this information to only employees who must have access and never allow third-party vendors or temporary employees to access private information about your customers.

Destroy unused hardware

Destroy any devices that contain private information including CDs, DVDs, and hard drives. Simply deleting your files or reformatting your hard drives will not erase all data. The best way to completely wipe everything is to use specialized software or hire a professional.

At Securis, we have a team of experts who can help you safely dispose of private customer information from your hard drives using best practices and procedures. Contact us today to learn more about our services.

 

  • Christopher Madeira

    Christopher Madeira

    Director of Marketing

    ITAD Communications & Strategy Expert

    Snapshot / Quick Stats

    • 15+ years of experience in marketing strategy, brand development, and communications
    • Specialized in IT asset disposition (ITAD) messaging for compliance-driven industries
    • Former leadership roles at The Chronicle of Higher Education, CQ Press, and other respected publishers
    • Key focus areas: Market Trends, Client Education, ITAD Compliance Messaging, Thought Leadership, SEO-Driven Strategy

    Areas of Specialization

    • Market Trends & Competitive Analysis – Tracks shifts in ITAD, resale, and sustainability markets to shape strategy and keep Securis ahead of industry developments.
    • ITAD Compliance & Security Messaging – Crafts clear narratives that translate regulatory and data security requirements into approachable guidance for IT leaders.
    • Client & Stakeholder Education – Builds educational resources and thought leadership content that empower clients to make informed ITAD decisions with confidence.

    Professional Narrative (Career Journey)

    Christopher Madeira is the Director of Marketing at Securis, where he shapes how the company communicates its mission of Secure, Accurate, and Sustainable IT Asset Disposition to regulated industries, government agencies, and enterprise clients. With more than 25 years of experience in marketing and communications, Christopher brings a unique perspective on how to bridge technical ITAD processes with clear, client-centered storytelling.

    Before joining Securis, Christopher served in senior marketing roles across publishing and education organizations, including The Chronicle of Higher Education, CQ Press, and Congressional Quarterly. These positions gave him deep expertise in shaping brand positioning, leading cross-functional teams, and delivering content that informs and engages decision-makers.

    At Securis, Christopher drives marketing strategies that not only build awareness but also educate IT leaders on data security, compliance, and sustainability best practices. His work ensures that Securis remains a trusted voice in the ITAD industry, aligning brand authority with the company’s core differentiators: Secure, Accurate, and Sustainable services.

    Quote

    “Clear communication makes complex ITAD issues approachable for IT leaders.”

    Thought Leadership & Recognition

    Christopher is the author of numerous Securis blog articles on compliance, sustainability, and ITAD strategy. He has also developed content campaigns that help IT decision-makers understand the evolving landscape of secure data destruction, ESG reporting, and value recovery.

    Personal 

    A strategist at heart, Christopher is passionate about helping organizations cut through the noise and understand the real risks — and opportunities — in ITAD. Outside of his professional work, he enjoys exploring D.C.’s history, traveling,  connecting with his community, and aviation photography. 

    Trust & Transparency

    Christopher ensures that every piece of Securis’ external communication is not only accurate but also aligned with the certifications and compliance standards that define the company’s reputation. His commitment to transparency reinforces Securis’ standing as a trusted partner for IT asset disposition.