We haven’t exactly had a strong past year in the data security and privacy world. While concerns about data privacy have been snowballing for years, we’ve only recently unearthed the most controversial of issues, from Facebook privacy standards to Russian probing of the U.S. elections. If one thing has been made clearer in 2018, it’s this: no individual or business is immune to the threat of a data breach or attack.

Beyond the threat of massive data breaches, our daily lives are changing because of access to data as well. In 2016, Americans got about 2.4 billion unwanted phone calls a month, thanks to companies obtaining consumer data including personal phone numbers. One new report even claims that in 2019, almost half (45 percent) of all U.S. mobile traffic will be attributable to scam calls. The same phenomenon already happened across email and most of us likely felt its toll on Black Friday and Cyber Monday, when it suddenly felt like every retailer had access to our email address. Consumer data, including phone numbers and email addresses, are being accessed by unwanted parties whether by data acquisition, hacks, breaches or other events.

So little control over something so personal seems to be taking its toll. A survey of 1,250 registered US voters showed that a decisive 84 percent of respondents consider personal data protection very important. Now your social identify—which can be comprised of varying combinations of information from their face to their voice to their interactional patterns—is usually more comprehensive than a simple set of digits or email address.  

Businesses obtaining your social identity, in most cases, isn’t a bad thing. In fact, when given the right information, machine learning and predictive analytic technology is now advanced enough that companies can and do use the information to make your life easier. From customizing your shopping experience to predicting what type of hotel you might want to book, your social identify affords companies the knowledge they need to make your experience better. The problem is that it’s becoming increasingly difficult for us to understand how businesses are using this data and when it might be problematic.

In most cases, such as Facebook, we exchange our data for a better experience. Then it’s up to the business to draw the line of how and when data they choose to use it. This isn’t something businesses take lightly. I had at least a hundred conversations in 2018 with executives who repeatedly name “security” as their first or second biggest concern for the year ahead. Ethical companies understand that it’s mission critical to keep your data safe and only use it when it helps you.

Workers are bringing daily security concerns with them to work, which should be a driving force for keeping businesses honest and ethical with their own employees’ data. Here are three hot areas business leaders should focus on to ensure best practice security initiatives are in place:

1. Third party integrations. Businesses are so linked (think: PayPal and Facebook) that they’re usually set up to share data, albeit securely, across platforms. It’s important for consumers to understand the difference between a secure third-party integration, and when a situation might be cause for concern. Most of today’s business tools are also integrated and therefore raise the same basic concerns. Make sure employees understand.
2. Voice recognition and chat (think: the person that pops up to help you complete your order on a retail website) have already claimed spots in most business communications strategies. Businesses are now set up to respond to phone calls and emails, plus engage with customers in other unique ways, from engaging via Amazon Alexa to offering bot support to ensure questions on a website in real time. This also means that these unique communications channels are likely part of the data collection process and are useful to building a portfolio of information about the consumer.
3. Evolving and complex identities. Businesses will continue to move beyond a single identifier for users. Some companies, for example, have already begun decoupling phone numbers from the user as the single identity. Most companies are hoping to build a bigger portfolio for individuals in order to customer their experience, so employees should understand how and when their identity is being used.

As we move through 2019, it’s clear that we’ll continue to keep a critical eye on how companies collect and share our data. Businesses that respond proactively by securing information and communications channels with secure integrations are already one step ahead – and leaders that inform and guide employees in their quest to keep information safe mitigate the business risk of a security mishap.