Wireless Conference Highlights Security and Opportunity

Consider that hackers recently compromised the identity security of more than 59,000 people affiliated with California State University; that consumer data firm ChoicePoint (CPS) suffered a 145,000-person security breach last month; and that the University of California, San Diego, was hacked for the confidential information of 380,000 people last year. Now imagine having to tell your customers and clients that their personal information or business transactions were exposed through gaps in your CRM policy. Clearly, identity theft is a huge risk, not only for the victims, but also for the organizations that serve them. The tone of this week's Wireless on Wall Street conference was one of caution and vigilance as the discussion turned to data security. Simon Lok, CEO and founder of Lok Technology, spoke Tuesday morning about security solutions. The first part of his presentation read like a hacker's training manual as Lok pointed out several free or inexpensive methods of defeating network security. But social engineering, he noted, is as important as a firewall. "Fifty percent of attacks do not involve technology," Lok said. "Your assistant is a vulnerable point, since it's their job to help people." He went on to describe several scenarios in which a confident phone voice and a few easily acquired bits of company information could gain an attacker free access to customer information. Lok quoted an informal study in which employees could be bribed into giving out IDs and passwords for such premiums as a free pencil or a piece of candy. Despite such examples (and indications that the next generations of security protocols, WPA and the security encoding of 802.11I, already have shown gaps), the outlook for the future of wireless in business was positive. Julie Gordon, principal architect at AXA Financial, followed her own cautionary tales by noting that wireless access "resulted in a 30 percent productivity increase for the AXA sales team in selling to brokers." One guiding principle at the conference was that a fully integrated CRM solution can be the key to a company's own business security--if every employee has access to the information of every customer, it's much harder for somebody to masquerade as a client to steal or corrupt data. But companies must have security in place to begin with. Young Kim, senior systems engineer for AirMagnet, spoke to the tradeoff between security and utility of wireless CRM solutions: "One thing every company should do is socialize the concept of security--educate and orient wireless users so they understand the risks of using unsecured access portals, and recognize a breach and take some action, even if that action is to ask IT or security for help." Feliciano Rivera, director of business development for Saratoga Systems, indicated that CRM solutions, wireless or otherwise, will continue to be driven by the needs of the field sales force. Companies wishing to head off problems and anticipate needs "should ask the sales force what it needs first. If customers need to know about inventory or shipping status, your agent should be able to connect to the back end on their behalf. In finance, portfolio access and instant data can be crucial, when every tick of the clock can be a lost opportunity." Rivera also stressed integration: "Especially in large organizations, spot solutions for wireless CRM aren't enough," he said. "If the sales force identifies a need and deploys a solution, and the warehouse buys into another system to address its own needs, and so on, eventually you'll be stuck having to make all these disparate systems and solutions work together. That costs money and time and until there's a single method in place, the users will resort to risky behavior to get the information they need." Related articles: Protecting Your Customer Information From Theft