Keeping your customer information safe
Data leaks and breaches have been making headlines recently and having your customer's personal information exposed can result in serious complications for both businesses and individuals. It doesn't matter whether you are offline or online, hackers can get to you through the internet, Bluetooth, text messages, or online services you use, such as Utilmate.
Keeping your customer information secure is important. While there's no bulletproof way to prevent a cyber attack, there are things you can do that will help to lessen risks.
Customer personal information you may be holding in Utilmate includes:
- - Credit card numbers
- - Bank account details
- - Date of birth
- - Identification information
To improve the safety of your customer data, below are our simple and practical tips:
Not holding credit card and bank account details
Utilmate is not PCI compliant and utilises the services of PCI-compliant service providers, such as our partners Ezidebit, Stripe, StrataPay or GoCardless, who securely accept and store the data. Tokens are passed to Utilmate not account details. We recommend using one of the payment gateways and not storing credit card or bank account details in Utilmate.
Delete closed account personal data
As per Australian Privacy Principle 11, if you no longer require your customer's personal information we recommend you remove the data from the account.
Remove date of birth and identification information
If you are not using or don't have plans to use this data (ie credit checks or referring to a debt collecting agency) or the account is closed, we recommend you delete the data from the account.
Weak credentials
Passwords are the Achilles' heel of identity security. Utilmate enforces the use of strong passwords and has an automatic lock-out if an incorrect password is used too many times. We can also enforce periodic password expiry ie every 3 months, to ensure users reset their passwords.
Former employees
When an employee leaves your organisation, remove or deactivate their account.
In addition to the above useful steps that can be taken to keep your customer data safe, we have in place a number of technical barriers and protocols. To find out more about how we do this, please feel free to request our technical capability statement.
If you require assistance with any of the above or would like to find out more about Ultimates data security and risk management, please get in touch.