By Ken Hendrickson
Firewalls, encryption, viruses, malware, patches, e-mail filters … Do you know what these things are? Do you need to know, and why should you care?
Many self-storage operators are confused about data security and how to keep their tenants’ information safe. Because of this, they miss important security steps. The following simple precautions will help you better care for customers’ private data and prevent it from falling into the wrong hands.
Situations That Invite Risk
My friend recently received a call from a stranger who started asking about his father-in-law (we’ll call him Jim). Here’s a transcript of the interaction:
“Hi, is Jim there?”
“Sorry, you must have the wrong number.”
“I’m trying to get a hold of Jim about an order. You know Jim, right?”
“Uh, yes, he’s my father-in-law.”
“I just need to get his number or, actually, do you know his address?”
“Umm … I don’t know you. How do you know Jim?”
“I’m just trying to get in touch with him about a matter.”
“Well, sorry, I don’t know who you are.”
Has this ever happened to you? It can happen through a phone call or e-mail. You might even receive a physical letter that tries to convince to take certain steps and verify information. The hackers and criminals of the world are getting craftier by the day and are always changing up their angle.
One of the most basic ways a self-storage operator can protect his tenant data is to train himself to handle it with discretion. The likelihood of your computer being hacked and data stolen could be the least of your worries. You might have real data leaks happening every day. Here are some situations that leave you open to risk:
- Leaving signed lease agreements out in the open
- Talking about tenant accounts while other customers are in the office
- Storing credit card information on paper
- Failing to lock up lease agreements, credit card numbers and other information in a filing cabinet
- Giving tenant data to unknown callers or e-mailers claiming to be the customer or his family member
- Failing to protect recordings of incoming sales calls
Some of these items relate to compliance with payment card industry (PCI) standards. While PCI compliance has more to do with credit card data, it can apply to other tenant data as well. To be compliant, employees should be trained on the do’s and don’ts of handling customer information. Much of it is common sense. If you’re unclear about PCI compliance, talk to your management-software vendor or credit card processor to get up to speed.
I’m sure you’ve seen the news clips about large retailers Home Depot and Target being hacked and their data compromised. When it happened, I thought to myself, “These companies have millions of dollars, information-technology teams, computer professionals and money to spend on security. If these guys are getting hacked, I don’t have a chance.”
Everyone is vulnerable. One thing you can do to protect your business is to buy an insurance policy that would cover liability if you ever get hacked and your tenants’ credit card data is stolen. None of us is immune to bad occurrences. We can take as many steps as we can to avoid problems, but it will never fully protect us from risk. One thing to note, however: When you buy a cyber-liability insurance policy, you’re required to be PCI-compliant.
Another simple way to keep tenant data safe is to ensure your computer’s automatic updates are turned on and being completed. Your management software is constantly being revised through updates. These close security loopholes so your computer can’t be hacked. This is one of the easiest things you can do to keep information secure and avoid a data breach.
Many self-storage operators are choosing Web-based management software for security reasons, as with this software, no physical data is stored on the office computer; it’s all kept in the cloud. If the computer is stolen or accessed by someone other than a staff member, it’s less likely there will be a breach. Web-based software also eliminates the need to track and back up data. You don’t have to worry about losing your information to a hack or another unfortunate incident, as it’s always stored safely and up-to-date online.
When considering software options, inquire about PCI compliance and whether the vendor offers a cyber-liability insurance policy. Companies that offer this software should take their own steps to keep data secure.
When it comes to data security, the best advice is to be aware of the risk and train yourself on how to better protect business data. Keep your computer up-to-date, and be mindful when handling customers’ private information. If you’re not sure where to start, call your software and credit card vendors. These companies are trained and current on the latest in data security.
Ken Hendrickson is a co-owner of Easy Storage Solutions, a provider of Web-based management software for small to mid-sized self-storage facilities, and RIZE Marketing, a full-service marketing agency serving self-storage operators. For more information, call 888.958.5967; visit www.storageunitsoftware.com or www.selfstoragemarketing.net.