Gartner: Ignore Security 'At Your Own Peril'

Security is top of mind for many CIOs and CEOs embracing CRM solutions, according to a recent Gartner Inc. Study.

In its report, "Gartner Predicts 2002: Customer Relationship Management," the stamford, Conn.-based research firms says "40 percent of enterprises that have already installed CRM solutions will rethink them, with an emphasis on balancing privacy with increasing pressure to support personalization."

"Our EXP (Executive Programs) group, which deals with CIOs and other c-level individuals, did its annual survey on the top issues that CIOs are worried about in 2002. And security, in general, was number one or number two on that list," says Scott Nelson, vice president and research area director for Gartner.

Firms define security differently, admits Nelson. "Some firms are only worried about malicious attempts at getting to the data. Some will extend that and say employees are properly restricted so you don't have people who have no need for certain information getting to it. Others are taking a very aggressive policy appointing things like privacy czars to constantly review privacy policies," Nelson says.

The heightened interest in security and privacy, Nelson says, is partly in response to the terrorist attacks on September 11. "Both firms and consumers are also showing more interest in security in reaction to September 11. Clients are now more sensitive to giving information to third parties. In some cases they don't have a choice, but in others they do and they want to have control over that," he says.

"There continues to be an increased awareness of privacy issues and the need for security from the government and consumers. We're just getting to a point where it's necessary to really start drawing attention to our clients and say ‘Ignore this at your own peril.'"

Nelson warns that security is not only needed for external threats. Aside from malicious hackers trying to steal credit card information or identities, and pranksters who think it's funny to sneak in and change sensitive information that helps companies make decisions, Nelson advises that disgruntled employees could also sabotage the data internally or take competitive information with them to a rival when they leave.

Customers leading the way in data security are those that take a fiduciary role with their customers, Nelson says, such as banks and major dot-coms. On the vendor side, he asserts Oracle, Siebel, and E.piphany are taking security most seriously. "The suite players take this more seriously than best of breeds," Nelson says.