It is common for data to get “lost,” meaning for data to become corrupted or deleted by accident. For example, dropping your laptop hard drive can easily lead to data corruption, as can malware or a computer virus. Data loss can be devastating for a business because it must expend time and resources to recover the lost data. In turn, that affects productivity. In addition, if the data loss stemmed from the company’s own actions or from something such as theft, the business needs to work on helping clients trust it again.
The good news is that there are many ways to safeguard against data loss, whether it stems from a power outage, liquid spill, software corruption, human error or something else. There’s more good news: In many cases, data can be recovered, and companies can take prompt action to restore customers’ faith in them.
Of course, many types of data loss rarely make headlines. For example, small businesses are especially vulnerable to data loss from power outages, but they don’t make the headlines. Similarly, a property management company employee who spills water on his laptop and corrupts the data on it won’t end up on the front page of the local newspaper. That said, plenty of data loss instances do make the headlines. Here’s a look at several businesses that experienced recent data loss (or the potential of data loss).
Catawba Valley Medical Center
Cause of data loss: Phishing
Three employees of Catawba Valley Medical Center in Hickory, North Carolina, apparently played into the hands of phishers and compromised patients’ health accounts in July and August 2018. The accounts included information such as Social Security numbers, dates of birth and names. A third-party forensics firm investigated the breach and determined that no patient information had been misused (thus far, anyway). Patients were notified of the breach in October, and Catawba Valley Medical Center stepped up its efforts to train employees on recognizing phishing emails. It also ramped up its overall computer and email security.
Speaking of phishing and health care organizations, Gold Coast Health Plan, the Minnesota Department of Human Services, Sunspire, Legacy Health, Manitowoc County and UnityPoint are examples of others that experienced similar phishing-related data breaches.
Eir and Coplin Health Systems
Cause of data loss: Stolen, unencrypted laptops
Eir is a broadband, telephone and mobile company in Ireland, and potential data loss occurred when an unencrypted laptop was stolen in August 2018. The data at risk included email addresses and names of Eir customers.
Closer to the United States, a Coplin Health Systems employee’s unencrypted laptop was nabbed in November 2017. It potentially put the data of 43,000 patients at risk. Coplin, based in West Virginia, took these actions after the theft:
- Disabled access from the laptop to Coplin’s network
- Regularly monitored systems for unauthorized access
- Notified police and the federal Department of Health and Human Services
- Conducted a policy and security review to minimize the risks posed by employees having devices with company data
Health and Human Services tends to be strict with any entity that doesn’t encrypt its data. Even if you own a smaller business such as an assisted living facility or chiropractic office, encrypt that data.
Cause of data loss: Bug
In October 2018, the world learned that Google+ had a bug for six days that enabled outside app developers to see data such as users’ occupations, email addresses and names. Even if a user’s profile was marked “private,” developers still had access to their information. The viewable data was for up to 500,000 profiles and did not include passwords or financial data. Still, the breach was so egregious that it led Google to accelerate plans to shut down Google+.
What really hurt Google is that the company learned of the data issues in March 2018 and kept mum. It could have been a moment for Google to shine. After all, it was the company’s own reviews that uncovered the bug. With transparency and an explanation of how it regularly runs multiple security audits, Google could have heightened customers’ trust in the company. Instead, the opposite happened.
Cause of data loss: Firmware updates
Sony’s story is interesting because, technically, any data loss was not of the company’s data. What happened: An October 2018 bug in firmware updates for the a7 III and a7R III cameras led to the possibility that photographers would permanently lose their new photos if they were using an SD card that had already seen multiple uses. Sony took the firmware update down in December 2018 and released a replacement update. It certainly would have been bad PR for the company if its camera users lost their photos.
The story didn’t end so well for Microsoft. One of its Windows 10 updates wiped out extensive stores of users’ files and other data, and Microsoft had been warned repeatedly that this could happen.
Data loss and your business
Whether your business has 100 clients/customers or 1,000, it’s important to protect your data as zealously as possible. The same goes for your employee data and private company information–they shouldn’t get out. Many types of data loss don’t make the headlines, but they can be lethal for a small business. Watch out for:
- Viruses, malware and phishing
- Human error such as accidental data deletion
- Liquid spills
- Power outages
- Hard drive damage
- Laptop theft
- Software corruption
- Natural disasters
- Insufficient testing of updates before they are rolled out
One of the most effective ways to mitigate the effect of data loss is to keep your data backups in a separate location. If your data is stolen or corrupted, you still have access to that backup data and know what exactly has been lost.