TMCnet Feature
November 19, 2019

How to Improve Your Data Security Practices in 2020

Collecting and storing data helps businesses improve the quality of their customer service, but it also brings serious risks. Consumer data are key targets for cybercriminals, making cybersecurity one of the most essential responsibilities of businesses today.

The current shortage of cybersecurity talent available for in-house hire may make preventing and responding to cyber threats more difficult, but companies can take some important steps on their own and turn to IT outsourcing companies for help. Here we explore why keeping data secure is more important than ever, discuss what can happen when it’s not protected. We also offer tips for keeping it safe.

Why Data Security Is More Important Than Ever

Keeping data secure is becoming more challenging. One reason is that there are more “entry points” for cybercriminals to exploit based on the growing number of connected devices. The Internet of Things (IoT) will add more internet-connected devices in the coming years and the expansion of 5G service will accelerate this trend. Analysts expect that by the end of 2020, almost 31 billion devices will be connected to the internet worldwide. Each of these devices is a target for cybercrime.

Additionally, cybercriminals are increasingly using automation and artificial intelligence to make their attacks more effective and believable and to seek out new vulnerabilities to exploit. Finally, the current shortage of cybersecurity talent for hire is likely to continue, making it more difficult for companies to protect themselves.

Yet, new regulations are putting pressure on companies to do just that. Governments around the world are passing data privacy legislation to govern how companies collect and store consumer data and assign liability for breaches. The EU has already enacted General Data Protection Regulations (GDPR), which impacts all companies doing business with European customers. The U.S. has federal legislation in place for certain industries, such as healthcare and financial services, but has yet to pass broader regulations. Several states have it in place, however, including the California Consumer Privacy Act (CCPA) which goes into effect in January 2020.

What Can Happen When You Don’t Protect Data

The results of a cyberattack can be devastating to a company. Experts predict that the average financial cost of a data breach in 2020 will exceed $150 million. In addition to the direct monetary cost, companies that suffer breaches risk the loss of valuable time and the brand reputation that keeps customers coming back. In extreme cases, a breach can lead to bankruptcy.

With new data privacy regulations, consequences may also include significant fines or penalties. For example, under GDPR, administrative fines can be either 2% of annual sales (or $12 million, whichever is higher) or 4% of annual sales (or $24 million, whichever is higher), depending on the specifics of the data breach.

Tips for Sound Data Security

While all of this may sound like doom and gloom, there are many steps businesses can take to promote strong data security and to avoid or minimize the negative impacts of cyberattacks:


Prioritize the protection of the most valuable and sensitive data first. Create a security policy plan for what to do if a breach happens and keep the plan updated as technology and threats change. Conduct regular security assessments to identify new vulnerabilities. Additionally, secure access to physical devices that contain data, such as computers, laptops, tablets, company phones, and hard drives.

For Customers

Be transparent and open about the data you collect, how it’s stored, and why you collect it. Share a clear privacy statement with your customers annually. Don’t collect sensitive data that you don’t need to conduct your business, as the more data you store, the more it is at risk of being stolen or compromised.


Use automated tools to detect and respond quickly to cyber threats, keep all software and data protection programs updated, and set up backup and recovery methods you can use to replace compromised data if a breach occurs. Ensure any cloud-based security programs include appropriate firewall protections. Add two-factor authentication to all online customer accounts and transactions.


Promote cybersecurity awareness among all your employees, with the idea that everyone is responsible for data security. Training should include information about your company’s data privacy policies, strong password protection practices, how to stay aware of known threats, and best practices for data handling in each position.

Manage the access employees have to sensitive data, to prevent internal attacks and minimize the chance that inadvertent mistakes expose data. Make sure employees only have access to the data they need to perform their jobs.

In Summary

While it may feel daunting to predict and respond to cyberattacks, cybersecurity will remain a priority in the future. Don’t risk your company’s good reputation or the trust of your customers by ignoring this essential part of doing business today. You may not be able to guarantee a cyberattack will never happen to you, but you can take steps to make it less likely and to minimize any negative impacts on your business.

» More TMCnet Feature Articles


» More TMCnet Feature Articles