The construction industry has not experienced the massive data breaches seen elsewhere in the United States, such as in the health care and retail sectors, though these firms need to remain aggressive in their protective strategies. One data breach can be devastating both in the sense of reputation and continuity, as victimized organizations will tend to struggle to regain the trust of their current customers, as well as prospects that might be in the sales cycle.
One study from Ponemon Institute and IBM revealed the average cost of data breach rose by 23 percent between 2013 and 2014 to $3.8 million per incident, with each record lost leading to $154 in damages. Construction firms cannot afford to foot this bill alongside all the other challenges of financial management and accounting present in the sector. Re-focusing efforts to protect sensitive internal and client data can go a long way toward boosting a construction company’s stock.
Many construction firms have begun to deploy more advanced management systems and technologies, including those used for reporting, accounting and enterprise resource planning purposes. Transitioning into either cloud-based or advanced on-premise solutions will inherently represent risk, as migration is one of the more common situations in which information gets lost, stolen or otherwise exposed to the wrong eyes.
Some might begin to think that on-premise solutions will be inherently safer, but this is simply not true. No matters what types of systems are in place, data security strategies and policies will need to be intelligent and comprehensive. What’s more, ZDNet reported that just under two-thirds of decision makers who responded to a Cloud Security Alliance survey stated that they trust the cloud more than on-premise options.Again, neither is naturally secure, but cloud-based options will tend to be managed by an outsourced firm, alleviating the internal strain of those responsibilities.
Construction leaders who want to truly improve their security performances should focus on the following areas:
- People: Make sure staff is aware of policies and properly trained in data security best practices.
- Process: Policies need to be aligned with best practices and specific threats facing the business.
- Technology: Acquire data security solutions and support from a trusted service and software provider.
When these three areas are properly covered, construction firms will be far better-positions to avoid the prospect of experiencing a major data breach.