This information was stolen by using an unknown third-party application. Despite the fact that the management of Facebook has promised to take measures to prevent similar situations in the future, the incident caused a significant damage to the reputation of this social network.
Thus, these threats are not only domestic, but international is well. If large corporations are valuable, what could be said about small or medium-sized organizations? You are correct in your assumption, they don’t have the financial means to keep their databases secure. However with the rapid grows IT-technologies there are numerous have the opportunity to keep themselves and their clients protected.
Fines that could be prevented
Let’s mention few examples of penalties that could be faced because of these incidents. Samsung was fined $400,000 in 2013. This happened as a result of improper storage and processing of personal data by PlayStation Network gamers. Once your personal data is on the internet, you are automatically open for fraud.
In 2015 the Hilton hotel chain was fined $700,000 because they lost 350,000 customers’ personal data. This caused a small dent in their multibillion dollar income. However this is a significant blow to their reputation. Moreover, in 2018 EU GDPR law has changed and if this happened again, the company would pay $420,000,000.
Bithumb, South Korea exchange operator, was penalized 55$ in 2017 for their negligent behavior towards the storage of their clients’ data.
These are just a few examples of how businesses lose significant funds by violating privacy laws and trying to save a dollar on data storage safety.
What is two factor authentication?
One of the technologies allowing to ensure the safety of customer significantly reduces the risks of stealing customers information by scammers. It is very user friendly and simple use, and to login a customer needs to:
- Enter login and password;
- Enter a one-time code that will be sent via mobile (by phone call) or to the hardware token;
- Authenticate.
Everything is pretty simple, but very effective. This way of logging into an account will make the level of data protection more effective than using a login form on your browser only. Currently, two-stage authentication is used by Google and other various financial institutions (in particular, banks).
Is it guaranteed a 100%?
We talked about the fact that two-stage authentication provides a high level of security for personal data. However, does it give you 100% protection? No, it gives you a 99% chance of privacy. As hackers have learned to partially bypass this method of protection.
However, 2fa is gradually altering and updating along with new technologies. These are the choices available to you right now:
- Password + sms
- Password + call
- Password + security key
As one of our clients from Insight Memory Care Center shared with us, his company pays special attention to the security and customer’s data. That’s why his company uses the capabilities of 2-step verification:
“At the end of the day, there are so many rules and regulations that need to be followed and we rely HEAVILY on our providers and our IT folks to be able to manage and monitor that stuff. We are the caregivers. But the one thing I can say is that when you have that sense of security and know that your providers and IT folks are on top of things, it gives you the peace of mind. One less thing to keep you up at night!”
Joel Bednoski, Executive Director
We absolutely agree with Joel, and encourage a wider use of 2fa to ensure security of personal data for people around the world.
It is important to note, 2fa technology does not stand still. By autumn 2018 an authentication with password through text messaging will be eliminated. Furthermore, by 2020 authentication via password through phone calls will no longer be available. Right now HIPAA requires a 2fa use such as phone call or text messages codes confirmation. Taking into account this development tendency, by 2023 the verification with the help of a password and a token might be eliminated as well and clients’ fingerprint or an eye scan will take its place.
How much does it cost?
So, how much will it cost to implement 2fa? Note that the development and implementation of new technologies was, is and always will be quite expensive. Nevertheless, there are options that are quite acceptable even for small companies.
For an example, it costs around $3000 to hire a development team of 3 for 2 weeks to develop, implement and configure 2fa. With the increase in demand, the cost might also increase.
However, having spent even a considerable amount of money, you will make your business much more stable. I do not know about you, but my personal data is very important for me. We all want to keep our private life as private as possible, and in this we are alike.