Dozens of data breaches have occurred in the past few years. Very recently, the personal information of 26.5 million U.S. veterans was compromised. Why are the thieves stealing data? Because, according to Betsy Broder, assistant director of the division of planning and information bureau of consumer protection of the FTC, data theft is now more profitable than illegal drug trafficking.
What if your customers' data was stolen from your CRM database? You might begin to wonder if your customers will continue to shop on your Web site, disclose personal information, and place orders over the phone--do they still trust you? Could identity theft dry up multichannel sales contact centers in an instant? CRM databases, while a necessity for knowing and serving your customers better, could be the death of American business, because the measures to protect customer data haven't been fully addressed.
Data broker ChoicePoint was recently fined $15 million by the FTC because 163,000 consumer records were compromised. The company must submit to independent security audits every other year for the next 20 years. The Secret Service and the FBI recently shut down shadowcrew.com. It functioned as an identity-theft eBay, a one-stop shop for buying and selling credit cards, Social Security numbers, and mothers' maiden names. Over two years, some 4,000 of these global cybermobsters had amassed two terabytes of other people's information. That's about 18 million email accounts and those people's related personal data. Perhaps the ruling by the FTC and the FBI bust are signs that customer data protection, once confined to the server room or seen only as a compliance issue for legal beagles, needs the full attention of the executive suite.
As companies struggle with their data protection strategy, cybermobsters are continually improving their ability to circumvent current security systems. And data theft is not just confined to computers--the hackers have invaded the cell phone and PDA world. With the profitability of data theft, there does not seem to be an end to the crime unless customer data protection becomes job number one. And while no company expects to have a data breach, the cost of preventing one may well be worth the price. Consider if ChoicePoint had the clarity to see into the future--it would have done things differently.
The same modern tools that enrich our lives can be used against us. Human beings have a track record of pursuing what they see as progress and asking questions later. We refuse to think the unthinkable--that hackers and criminals could penetrate the security of our databases and endanger our customer's lives and the financial backbone of our companies. However, existing circumstances might enable just such scenarios to develop.
This article might prompt readers with businesses to imagine how their customers, having taken extra precautions to guard their personal information (names, Social Security numbers, tax ID numbers, credit histories, employment records) would feel if they found out that this information was being piled into cyberwheelbarrows and sold to the highest bidder. That scenario is not any responsible company's intention, but it could be the unintended end result of shoddy security efforts.
As more consumers report identity theft, the privacy and protection of customers will become an even stronger competitive differentiator. For a company committed to its most valuable asset (customers), the data protection interests of the customer and the company must become aligned.
Customers are a company's true source of value creation--maintaining their trust is imperative. Understand that data collection and protection is now a business necessity.
The Cost As FactsAverage total fraudulent charges for an identity theft amount up to $18K, and range from $250 to $200K.Victims spend many hours--1,000 to 11,520--trying to resolve the problems caused by identity theft.Victims have limited access to loans and limited ability to buy property or an automobile.Financial loss can be significant, but stress, emotional trauma, lost time, and damaged credit reputation are among the most difficult results to deal with.
--Based on a CalPIRG & PRC identity theft study.
Natalie Petouhoff, Ph.D., is a CRM thought leader at Hitachi Consulting's Customer and Channel Solutions Group and the author of Integrating People, Process and Technology. Brian Johnson is managing vice president for Hitachi Consulting.