5 Ways to Lower Risk and Maintain Privacy in Your Organization

April 8, 2021
Steve Fox

Privacy and security have taken center stage for most individuals and businesses. As businesses shifted to remote or hybrid work environments, they also saw an increase in usage of Internet of Things (IoT) devices, cybersecurity risks, and privacy concerns. In fact, the pandemic highlighted interdependencies across privacy, ethics, fairness, and transparency. Looking ahead, business leaders must focus on addressing privacy and security concerns as a strategic imperative.


The increased usage of digital technology in our personal and professional lives has quickly become a double-edged sword. On the one hand, it has increased our portability and enabled individuals and businesses to continue to thrive in spite of the pandemic raging all around us. On the other, this portability and increased usage have enabled businesses to collect even more data about customers, prospects, and employees, including location tracking, personally identifiable information, and more. Although this can present a tremendous competitive advantage for businesses, it is not without risks.

Forrester Research recently highlighted three privacy trends that business leaders must consider going forward:

  1. Increased appetite to collect, process, and share sensitive personal data from consumers and employees.
  2. Increased consumer demand to engage and entrust data with ethical businesses only.
  3. Increased regulatory and compliance complexity associated with data privacy.

By incorporating a privacy-by-design approach to initiatives going forward, leaders can ensure the proper safeguards are in place to meet the growing demand for collecting, processing, and sharing sensitive information, as well as address the increased risks created by this demand. So how can you lower that risk and maintain privacy security in your organization?


To lower your risk and protect your business and customer data, keep in mind the following best practices:

  1. Only save necessary data. Organizations often save more information than they need, which can lead to increased risk should a data breach occur. Reduce your risk by only saving necessary information and discarding the rest.
  2. Stay current with cybersecurity protection. Cybercriminals continue to learn, adapt, and attack any weaknesses that they find. Don’t become complacent in your cybersecurity processes.
  3. Have a data breach response plan. Be prepared for anything, including a data breach. Ensure you have a response plan documented, discussed, and ready to implement should a breach occur.
  4. Set internal controls to protect data from internal threats. Restrict employee access to only information they need to perform their job effectively. Establishing user-based permissions will limit the exposure risk to your sensitive information.
  5. Keep an up-to-date inventory of company devices and user permissions, and ensure remote access to these devices. The days of office-based computers, phones, and other devices are long gone. Today, employees are working in a variety of environments and need devices that can remotely access company information any time, anywhere. By maintaining an accurate inventory of these devices, as well as user permissions and anticipated locations for these devices, you can minimize the risk associated with a lost device by remotely restricting access or wiping a device, if needed.


To truly monitor and maintain data privacy within your organization, you must look both internally and externally. Internally, you must ensure you have the proper privacy policies and procedures in place to protect the data that you collect, process, and share. You must monitor the usage of company devices and access points for all employees and be able to remotely restrict access or even delete data should that device be lost, stolen, or misused.

From an external standpoint, you must be aware of potential cybersecurity threats and ensure you have proper patches and security protocols in place to protect your data and infrastructure. Further, you must be aware of new and updated privacy regulations from the federal and state level. Violating one of these regulations could cost your business significantly.

join our email list