While cloud-based customer relationship management (CRM) and other customer-centric solutions have generated a lot of buzz, the reality is that many organizations – particularly large ones – have been slow to move to the cloud. While smaller companies are attracted by the low upfront costs and quick installation, as well as the broader feature set available through the cloud, large companies that have their own extensive IT departments are still wary of customer data in the cloud, and that wariness generally boils down to one point: security.
Many organizations feel that putting sensitive customer data into the public cloud represents risks for them that simply aren’t worth the benefits of a cloud solution.
“Security concerns and fear of sudden outage are the major deterrents for cloud adoption, especially in CRM space where customer experience and trust are of prime importance,” wrote Infosys (News - Alert) Limited CRM consultant Padmanabha Sivanandan for Cloud Tweaks. “Some also ponder about migrating to private or hybrid cloud; however these alternatives are complex, tedious and costly when compared to public cloud. Consequently, the migration to cloud based CRM platform has been slow compared to the hype and expectation.”
Companies’ biggest fears, according to Sivanandan, include access of sensitive data by unauthorized personnel, bad customer experience and dissatisfied customer, loss of reputation of the company and legal issues, potential financial losses and losing ground to competition; and disruption in business operations and customer service.
From a security perspective, however, there are steps companies can take to keep their data secure, even in the cloud.
Monitor it constantly. Organizations can put a security team in place whose job it is to monitor all potential areas for leaks or thefts, and actively try to location weak spots by attempting to breach sensitive data storage.
Customer authentication. Simply because a customer identifies himself as John Doe doesn’t mean he is John Doe. If the contact center is handling any kind of personal information, ensure that customers authenticate themselves properly with account numbers, billing addresses, zip codes, passwords and challenge questions.
Security traps. Many successful organizations set “security traps” that will attract hackers. While the hackers wrestle with information that is useless to them, the IT staff has time to locate the breach and block it.
Monitor the workforce. It’s a sad fact that most customer financial or personal information leaves contact centers not through hacking, but in the pockets of agents walking out the front door. Consider banning paper and pens from the work environment and using white boards instead, and keeping personal cell phones and other digital devices that can be used to record of photograph information out as well. Also, suggests Sivanandan, monitor employee behavior.
“The reporting feature should maintain the activity history of an employee and automatically trigger a report to the in-house security team on any change in employee behavior with the system,” writes Sivanandan. “For example, login failure, trying access to restricted site, etc. This will enable the security team to predict probable unwanted behavior from employees.”
While no system will ever be criminal proof, cloud-based CRM systems can attain the kind of security standards that companies expect from premises-based systems. In fact, since cloud solution users are often turning over their customer information to vendors accustomed to maintaining a secure data center, enterprises may find that the secure data store is being minded even better than any internal IT resources could.
Edited by Rachel Ramsey