It is evident from both the incidents that adequate measures have not been put in place by companies to secure their customer's data, which has resulted in hacker's attacks and subsequent compromise of customer's data. Customer's personal data falling into hackers hands is a serious issue, which may result in monetary exploitation, legal suites and etc.
With the launch of Data Seal, the DMA is giving its members a roadmap for how to cope with growing consumer concerns about the security of their personal information.
Central to the standard is the goal of establishing an industry-wide approach to information security and to reflect the tight integration between clients and suppliers when managing personal information. The mechanisms and rules it outlines for protecting data are intended to protect the reputation fo the DM industry as well as offering guidance on how to deal with external complaints and queries.
In order to gain accreditation, member companies have to address a raft of issues, from hardware and software requirements to staff training and processes. The Data Seal is given to a company following an audit by BSI. An annual audit is then required to keep the seal.
So, next time when you talk to your email service provider, ask him straight questions.
1. What Information Security measures have been taken to secure your customer's personal data on their systems?
2. Are the systems and processes are audited for Information Security, by a trusted third pary?
3. What is their road-map for getting DMA Data Security Certification or similar such Certification?
I am sure you would value your customer's private data and will keep it very secure, irrespective of what service providers you use?