We all strongly believe we should keep customers' data secure. At the same time, we're only human, and we all make mistakes. (Luckily. How boring would it be if we were all perfect, right?) We think it's important to have a helicopter view and give some extra attention to the weak spots, wherever they might be in your organisation specifically. Here are some of our more general best practices.
- Make sure people in your organisation use one account per person and never share their password with others. Don't just tell them so; create an environment where they don't feel the need to share it. Use software that makes it easy for your employees to collaborate from different accounts, and make sure your IT people are completely ready when a new employee walks in on their first day, with an account already created for this person in all the software and systems they need to work with.
- Create strong and hard-to-guess passwords.
- Use different passwords for different sites, and ask employees to use a password other than the one they personally use all the time in every single case where they have to create a password.
- Update passwords frequently.
- Make sure your e-mail account is secure for verification and resets.
- Don't take the easy way out and give all your employees access to everything. Work on a need-to-know basis for everybody that uses your systems, whether it's an employee, customer, stakeholder or even a manager: if someone doesn't need certain data, make sure they don't have access to it.
- Ensure a backup for your admin, so your organisation retains ownership of the data in the account when an employee leaves the company.
- Have clear and strict rules about whether and how an employee can use devices you provide them with for personal use. You don't want them to accidentally install spyware because their 10-year-old tried to illegally download the latest Disney movie on the company's laptop.