A closed lock on a keyboardWhen e-commerce began to explode back in the late 90s, we all worried that some hacker in dirty sweatpants, holed up in his mom’s basement, would intercept our transmissions and steal credit card data. But after nearly twenty years of doing business with internet retailers like Amazon and Ebay, we’ve begun to realize that perhaps our fears were misplaced. Thanks to encryption and authentification measures utilized by those websites, we haven’t had a big problem with cyber criminals directly intercepting sensitive data.

What we should have been looking at all along: Data storage.

Hackers haven’t focused on our transmissions. Instead they target the websites themselves, from the Social Security Administration to hospitals to banks, and steal data after it has been transmitted and stored somewhere.

Many companies often don’t safely store the data their customers have sent to them, citing reasons such as cost or lack of knowledge. But when we consider the cost of a major data breach – the lawsuits, the public relations nightmare, and possible court settlements – those excuses appear to fall flat.

It’s understandable that in the early days of internet commerce, we simply didn’t know what we were doing. We didn’t realize that our biggest threats would be Russian or Chinese hackers, sponsored by their own governments. We assumed our own government could protect us from any online threats, but we were mistaken. We protected data as it was transmitted, just as we hire armored cars to transport large amounts of gold or cash. But then our storage measures became the online equivalent of an unlocked filing cabinet with a flashing neon sign above it.

Those were the early days of the internet. But now we’re catching on to how this whole thing is going to work. Luckily, companies are starting to realize that paying for dependable data security experts now is preferable to paying for a massive data breach later. Any new technology comes with new risks. It’s time to ask yourself if you’re protected from data security disaster.