As I regularly share with employees there are two main ways I think about this question. First is being a good corporate citizen and recognize that we have a responsibility to secure the data we are entrusted with to protect the privacy of individuals.
According to ITRC more than 35 million data records were compromised in corporate and government data breaches in 2008. Considering that number is 3 years old I'm sure it's growing so our focus needs to be "do no harm." Each of us wants those that have our personal data to protect it and we need to give others that same respect. The second consideration is core in building a strong, healthy business in today’s information based world. It’s a matter of “Trust”.
We work hard every day to continue to earn our customers' trust and in this, as well as many industries, our ability to keep our customers' data secure is one of those "make it or break it" triggers. So it can’t be an annoyance, overhead, or an afterthought…it must be part of the business as much as quality control, hitting mail dates, or even invoicing.
So what’s the point of this blog…it’s important that we all keep the ‘why’ in mind as it’s the ‘why’ that ensures all the procedures, hardware, and people come together to achieve the goal of protecting data.