May 19, 2020

Are you protecting customer data or exposing it?

small businesses
Kate Supino
3 min
Are you protecting customer data or exposing it?

In 2014, Bell Canada was hacked and more than 22,000 of its small business companies had their passwords, usernames and other sensitive information stolen.

When a company as large as Bell Canada is hacked, it's time to sit up and take notice.

RELATED TOPIC: Some small Canadian companies big on data

After all, if a company like them, with deep pockets and supposed access to the best security systems available, can be victimized in this manner, where does that leave the rest of us (including countless businesses)?

As the following article looks at, companies like yours that collect private customer data, even if you're using private data for the benefit of the public, need to be vigilant about protecting customer data and not exposing it to criminals.

So how can you be sure you're protecting sensitive data to the best of your ability?

Assign security levels to employees

Take a page from the military and assign security levels to employees.

Not everyone in your organization needs to have access to customer usernames, passwords, credit card information or other data. In fact, very few should have access to these things.

RELATED TOPIC: Companies must not overlook big data security needs

You give your human resources manager a key to the locked filing cabinet holding employee information. Your customer data should be locked in the same way, within your organization.

To manage this, include security levels in your operating manual.

Anyone below a certain level should never be able to view a customer's private information. If a breach does occur, you'll have a limited list of suspects to consider.

Disallow personal devices

Too often, laptops and tablets get stolen from employee's vehicles. These devices are usually the carriers for sensitive data that eventually gets sold to third world countries and exploited.

Thefts like this leave your company vulnerable to lawsuits, and even criminal charges. The best course of action is to simply disallow personal devices in the office.

But you even have to go one step further, if you want to prevent data leaks 100%.

Top executives in your firm may want to work from home, in which case they'll want to use thumb drives to transport data from work to home. However, this also exposes your customers' sensitive data.

Unsuspecting executives may not protect thumb drive data like they should, from prying eyes.

Worse, company spies or turncoats may use your work from home loophole to move valuable data from your office to competitors' hands.

If you're truly dedicated to protecting customer data, it can't leave the confines of your company's premises.

When you're in business and customers' private data is in your hands, it's your legal and ethical responsibility to protect it.

Your customers expect it and the government demands it.

Take steps now to make sure it doesn't get into the wrong hands.

RELATED TOPIC: Is data turbocharging your marketing effects?

About the Author: Kate Supino writes extensively about best business practices.

Let's Connect!


Read the latest edition of Business Review Canada!

Share article

Jun 12, 2021

How changing your company's software code can prevent bias

Lisa Roberts, Senior Director ...
3 min
Removing biased terminology from software can help organisations create a more inclusive culture, argues Lisa Roberts, Senior Director of HR at Deltek

Two-third of tech professionals believe organizations aren’t doing enough to address racial inequality. After all, many companies will just hire a DEI consultant, have a few training sessions and call it a day. 

Wanting to take a unique yet impactful approach to DEI, Deltek, the leading global provider of software and solutions for project-based businesses, took a look at  and removed all exclusive terminology in their software code. By removing terms such as ‘master’ and ‘blacklist’ from company coding, Deltek is working to ensure that diversity and inclusion are woven into every aspect of their organization. 

Business Chief North America talks to Lisa Roberts, Senior Director of HR and Leader of Diversity & Inclusion at Deltek to find out more.

Why should businesses today care about removing company bias within their software code?  

We know that words can have a profound impact on people and leave a lasting impression. Many of the words that have been used in a technology environment were created many years ago, and today those words can be harmful to our customers and employees. Businesses should use words that will leave a positive impact and help create a more inclusive culture in their organization

What impact can exclusive terms have on employees? 

Exclusive terms can have a significant impact on employees. It starts with the words we use in our job postings to describe the responsibilities in the position and of course, we also see this in our software code and other areas of the business. Exclusive terminology can be hurtful, and even make employees feel unwelcome. That can impact a person’s desire to join the team, stay at a company, or ultimately decide to leave. All of these critical actions impact the bottom line to the organization.    

Please explain how Deltek has removed bias terminology from its software code

Deltek’s engineering team has removed biased terminology from our products, as well as from our documentation. The terms we focused on first that were easy to identify include blacklist, whitelist, and master/slave relationships in data architecture. We have also made some progress in removing gendered language, such as changing he and she to they in some documentation, as well as heteronormative language. We see this most commonly in pick lists that ask to identify someone as your husband or wife. The work is not done, but we are proud of how far we’ve come with this exercise!

What steps is Deltek taking to ensure biased terminology doesn’t end up in its code in the future?

What we are doing at Deltek, and what other organizations can do, is to put accountability on employees to recognize when this is happening – if you see something, say something! We also listen to feedback our customers give us and have heard their feedback on this topic. Those are both very reactive things of course, but we are also proactive. We have created guidance that identifies words that are more inclusive and also just good practice for communicating in a way that includes and respects others.

What advice would you give to other HR leaders who are looking to enhance DEI efforts within company technology? 

My simple advice is to start with what makes sense to your organization and culture. Doing nothing is worse than doing something. And one of the best places to start is by acknowledging this is not just an HR initiative. Every employee owns the success of D&I efforts, and employees want to help the organization be better. For example, removing bias terminology was an action initiated by our Engineering and Product Strategy teams at Deltek, not HR. You can solicit the voices of employees by asking for feedback in engagement surveys, focus groups, and town halls. We hear great recommendations from employees and take those opportunities to improve. 


Share article