• by Tanya Gazdik , August 30, 2007

When reports surface about a company's breach of sensitive customer information such as credit card numbers, the focus tends to be on what it's going to cost the company to remedy the situation and how their stock prices will be affected.

But there's an unquantifiable loss as well. Companies that have violated their customers' trust have seriously eroded their brand's equity and integrity, says David Puglia, vice president/marketing for Tablus, which commissioned a survey of consumers' views on brand equity in relationship to data breaches. San Mateo, Calif.-based Tablus, a leading provider of content loss prevention solutions, found that 87% of the 400 consumers surveyed lost respect for businesses that lost sensitive customer information.

In the digital age, companies are faced with a new challenge that greatly affects their brand equity; the protection of their customers' sensitive information. News reports of data breaches experienced by some of the world's largest companies, such as T.J. Maxx's loss of more than 45 million credit and debit card numbers that were stolen from its IT systems over an 18-month period, have made consumers keenly aware of the risks involved in trusting their information to companies that do not have a content loss prevention solution in place to monitor for data loss or misuse.

While many customers said they would stop doing business with a company that lost their data, perhaps even more damaging was the assertion by 82% of the respondents that they would warn others from doing business with a company that exposed its customers' personal information.

About 93% of respondents said that businesses have an obligation to protect sensitive content, while 95% of respondents felt there was no excuse for a company to expose a customer's confidential information. Not surprisingly, 85% of respondents would prefer to do business with a company that has never experienced a data breach.

While many breaches are due more to a poor security policy rather than maliciousness, 94% of respondents said if there was a technology that could prevent the loss of confidential personal information, then all businesses handling this information should use it--while 88% of respondents felt that companies that provided better protection of their customers' confidential information have better reputations.

"It's a problem that has evolved over time," Puglia says. While data used to be compromised due to hackers, now there could be innocent losses such as an employee sending unencrypted data via e-mail to their home e-mail address so they can work on a project over the weekend.

The first step in safeguarding information is for a business to take careful inventory of where their sensitive information is kept and what is being done to safeguard it, Puglia says. Some companies aren't even aware there are now automated systems available to track information and how it is being accessed relatively simply.

For companies that have exposed sensitive information, the first step to repairing the relationship with the affected customer is showing them that a secure process is being put into place to keep what happened from occurring again, he says.