How to ensure your business software provider is doing all it can to protect your data
In the past few years, privacy breaches around the world have made technology users conscious about the way their data is being used. You only need to look at the growth of privacy-centric products like search engine DuckDuckGo to see how mainstream privacy awareness has become.
But data privacy issues don’t just affect private individuals. They can have a massive impact on businesses, with the average data breach costing in excess of R43-million. Surveillance companies, which rely heavily on showing ads to survive, collect user information even from adjunct properties (such as websites of service providers) without users’ permission. B2B companies frequently use products and services from these surveillance companies, giving them access to their users’ data.
What can you do to ensure that you find a business software provider that doesn’t drag you into this trap?
1. Ensure they don’t allow third-party trackers
Many business software providers use third-party trackers that allow them to study their website visitors. However, the apps they use to track them use that data to sell ads. This is known as adjunct surveillance. With the upcoming macOS Big Sur update, it will be easier for users to know which websites are tracking them.
When it comes to choosing a software solution for your organisation, look for the ones which entirely block third-party companies across all their properties. Another thumb rule is that vendors who have an ad-based revenue model, are dependent on selling your data so it’s best to avoid them, if you are serious about protecting your data.
2. Look for regulatory compliance
While governments around the globe have generally been slow when it comes to enacting protective legislation, they have made up ground in recent years.
In South Africa, for instance the Protection of Personal Information Act (PoPI) recently came into effect, while the European Union’s General Data Protection Regulation (GDPR) has been so since May 2018.
While being able to demonstrate compliance is by no means a guarantee that your business software provider will protect your data, it shows that they at least have basic privacy and security structure in place.
3. Regular communication around data protection
One of the most powerful tools any organisation has at its disposal when it comes to data protection is user education. The data and security landscape is, after all, evolving constantly and your business software provider needs to be on top of that.
If your provider is educating you on the latest data threats, it’s a powerful demonstration that it cares about you keeping your data secure. Moreover, a provider that empowers its clients in this way is a good indicator that it’s doing everything on its end to protect your data too.
4. It’s honest about its revenue streams
In the business software space, the old saying about cheap being expensive can be further extrapolated to “free can prove really expensive”.
If a service is free, think twice before using it in your organisation (no matter how much money you think it might save). Rather look for providers which at least have some form of paid product. This means they’re much less likely to depend on ad-revenue and therefore expose your data to other parties.
Over the past few years, millions of words have been devoted to talking about how valuable user data is. Because of the value, we have probably swung too far when it comes to surveillance and harvesting.
It’s time to swing in the other direction. You should always own your data and, far from selling it, your business software provider should be doing everything in its power to protect it.