Not a week goes by when there isn’t a story in the news about a high-profile security breach. Inevitably, after each incident knowledgeable PR experts weigh in on how the crisis could’ve or should’ve been handled. There are always new lessons to be learned.

Perhaps it’s the influence of the work that we do on behalf of clients in the enterprise technology space, but the latest wave of hacks to make worldwide headlines actually prompted a different PR discussion in our office. In addition to thinking about crisis communications takeaways, the data breaches are an important reminder about the care PR practitioners must take to protect sensitive client data and information.

No organization, no matter its size, is immune to a data breach. According to a 2014 study by the Ponemon Institute, one of the leading privacy and security research centers, a whopping 43 percent of companies have experienced a data breach in the past year. While PR agencies may not store credit card information, agencies are entrusted with confidential information about clients’ future company and product plans, as well as sensitive data about employees.

What can you do to ensure your organization doesn’t become a data-breach statistic?

Think twice about using consumer cloud apps for work activities. From Google Drive to Dropbox, there are a number of free services that allow employees to store and transfer company data in the public cloud. These services are great for transferring large files to external partners, but they are not bulletproof and could be a major exposure to your organization. Instead, consider using private cloud or enterprise-grade file transfer services which have a higher level of security.

Only use IT-sanctioned apps. PR people juggle multiple priorities and move at break-neck speed. When something needs to be done ASAP, in the absence of immediately having the right app or tool, it’s easy to go rogue and turn to services that have not been vetted by IT. For the sake of your computing network, don’t do it.

Don’t forget about mobile. BYOD (bring your own device) has given us the freedom to use the mobile device of our choice to get our jobs done and has forever changed the way we work. However, for many in the security industry BYOD actually spells “bring your own risk.” To address this, security experts recommend implementing a number of safeguards including the ability for IT to erase a device’s internal storage remotely and passcode locks.