Once upon a time, criminals perpetrated identity theft by gaining access to Social Security numbers. But salon operators don’t typically require their guests to divulge their Social Security numbers, right? So what could a hacker gain by breaking into your system?
Most business owners have a basic understanding of how their computer systems work. But when you start talking about firewalls, back doors and trap doors, their eyes glaze over (at least mine do). Hackers, however, have a very sophisticated understanding of these terms and they use that knowledge for nefarious reasons – that is, after all, how they make a living.
When you collect any type of private information from a salon guest, it is your responsibility to protect that information.
Unfortunately, something as seemingly innocuous as an e-mail address can be used to obtain financial information. Most of us have received an e-mail from a trusted source only to find out that the account was hacked and personal information could have been stolen. In today’s fast-paced world, you may have responded to such an email message prior to realizing you shouldn’t have. And now that many salons are using some form of EFT for membership, they are maintaining the checking account or credit card info of many clients.
You only need to look at the recent events that plagued Target and Home Depot to understand how devastating a system hack can be. The data releases were just the beginning of their problems; not only were their customers subjected to possible financial loss, the businesses found themselves in the middle of a public relations nightmare.
When you collect any type of private information from a salon guest, it is your responsibility to protect that information. A system breach could make you liable for claims by those whose info was taken, and you could be subject to administrative action such as investigation. The costs to defend your business in these events can be very expensive.
Even if no one actually suffers a financial loss, the “clean-up” can be arduous. The first thing to do is find out how the hacker got in and remedy the problem. Then, figure out a way to notify every potential victim of the breach. You may need to offer credit file monitoring. And you certainly need your reputation protected.
Fortunately, there are ways to protect your business from this 21st-century form of criminality. Corporate Identity and Data Theft Protection are available as an attachment to many business insurance policies and are also available as stand-alone coverage. It is not as expensive as you might believe, and the peace of mind it provides is well worth the cost, especially when weighed against the possible damage to your business. ■