Five Recommendations for Better Digital Security
Keeping your customers engaged and connected to your organization is paramount to your success. You desire compelling customer experiences, integrated processes, and advanced analytics. All of that digital savviness starts with trust.
As the steward of your customers’ data, you need to ensure their personal information is secure in order to drive your digital strategy. That means you need to earn and maintain their trust. Establishing and maintaining trust with your customers is key, and, in fact, one survey this year revealed that high-profile data breaches are negatively impacting consumer trust in major brands. Seventy-five percent of respondents would likely buy from a competitor due to negligent data practices.
Just as concerning, 72 percent of the same survey respondents now share fewer personal details with companies.
This digital security Point of View will cover five ways to build a foundation of deep trust with your customers and be the best steward you can while maximizing the value of customer data.
Our clients are all working towards achieving connected customers and devices, integrated processes and advanced analytics – all with the goal of delivering greater value and gaining more loyalty in the marketplace.
Every one of these goals requires one critical item – customer data. But, you need more than just the raw facts. You need data and systems that are reliable, resilient, and secure.
The critical question is this – you are asking your customers to trust you with their data, but do you trust your systems and security? In essence, the more secure, accessible, and useful your data and systems are, the more you can build TRUST with your customers. It’s the holy grail of long-term growth and loyalty.
How do you build trust through offering customers security for their data and respect for their privacy and communication preferences? Here are our five top-of-mind suggestions:
Segregate Your Data
- Collect only what data is needed to support the business:
- Keep only the most necessary data within your primary source. If there are data points, such as homeownership, social security number, or marital status, that are not priorities for every day transactional support or analytics, don’t collect and store it.
- Separate personal and financial data:
- Customer information should not be comingled. By keeping personal data — like addresses, product preferences, etc. — separate from financial date — like credit card numbers, bank information, etc. — you can dramatically decrease loss due to security risks.
- Don’t collect data until you need it, if possible:
- On-time data collection helps keep more secure sources of data inaccessible until the need arises.
Treat Data Reverently
- Store and protect data differently based on security sensitivity:
- Establish and follow a data security policy in your organization. This is similar to segregation and defines how different levels of data are stored separately. Implementation of a well-defined policy can help both reduce risk and validate that the most precious and high-value data is available when it’s needed and only for who is permitted to use it.
- De-identify the data:
- It’s important to determine the minimal data set you need and ensure that critical data can’t be easily matched or identified in case of a breach.
- Double-check your data security alignment with compliance standards:
- All data is sensitive, however, it is well known that some data is more valuable to hackers. Regulatory and compliance standards such as HIPAA, HITRUST, PCI, FERPA, SOX, SOC2, and many others define the foundations for data security and meeting with compliance requirements is a strong starting point for trust.
Be Clear and Transparent with Customers
- Tell them how you manage and protect their data.
- Explain why you need their data and how it helps your business.
- Detail how you handle data risk and potential breaches.
- Explain how you meet with compliance standards.
Be Prepared for Data Breaches and Cyber Attacks
- It’s a matter of when, not if. Having a flexible and tested data risk management and response plan is crucial to being prepared.
- Ensure that your incident response plan includes a communication plan to engage your customers with proactive, clear and transparent language.
- Regularly assess your data risk management process, program, and plan. And, test your plan regularly through mock incidents.
Understand Your Infrastructure
- Leverage new techniques like machine learning that can be applied to security capabilities. These capabilities can help you better understand your systems, as well as demonstrate your level of security maturity to your customers.
- Assess your cloud partners and their impact of on your security. Ask the tough questions – like “What is your risk management and response plan to handle security issues?” “What data is stored, for how long, and what encryption is used?”
- Also, hold your vendors to the same standards that you must comply with.
Your goal is to optimize the value of patient, member, and customer data for the organization by building trust and demonstrating respect for their data and privacy. It’s not just a matter of being compliant with standards. Trust is a market differentiator that provides real value to your customers, directly leads to better engagement with them, and increases revenue for your organization.
If you’re curious how your data security and systems are helping or hindering trust-building with your customers, Chris Weirup would like to discuss his Point of View further. We work with our clients to help them create anti-fragile architectures while maximizing opportunities to build better consumer experiences and relationships for long-term growth.