Almost every company in the world collects some sort of user data. There is virtually no service that doesn’t require its users to hand over identifiable information, which in many cases is also sensitive enough to be valuable to cybercriminals looking for a profit. When a database of personally identifiable information is compromised, both the company that suffers the breach and the customers whose data is stolen have to pay the consequences. For this reason, users should do whatever they can to make sure that the information they pass on is protected to the highest standard, while companies should earn their users’ trust by making every effort to protect their databases. I would recommend companies to combine the efforts of an internal team with an external service that can strengthen the security barriers in place. Another important point that companies need to consider is that if they store data in the cloud, their cloud provider is not responsible for its security. Service providers are responsible for the security of the cloud, while clients remain in charge of the security of their assets in the cloud. Therefore, when setting up a database on a virtual server, organisations may want to consider looking for external help to configure it properly and avoid accidentally leaving information exposed.  Read Less