Successful companies know that customer relationships—perhaps above all else—drive business value. Building and maintaining customer trust generates brand loyalty, establishes a positive business reputation, and leads to increased sales.
However, an increasing number of stories published in the media indicate that businesses repeatedly overlook a crucial element of customer relationship management—establishing best practices and solutions to prevent confidential customer information from being stolen. Recall some of these recent headlines: "Facebook, PayPal Users Urged to Check Logins After Hacking," "Sony Hacked Again; 25 Million Entertainment Users' Data at Risk," and most recently, "LinkedIn Hit with Lawsuit Over Massive Data Breach." Companies of all sizes are vulnerable to data breaches, and are now paying more attention than ever to this problem.
Businesses collect customer data to help tailor products and solutions to better meet customer needs. In doing so, businesses have an obligation to their customers to secure this data from would-be identity thieves. Every day, customers risk exposure to fraud that leads to identity theft. According to Javelin Strategy & Research, more than 11.6 million adults became victims of identity fraud in the United States in 2011—a 67 percent jump from 2010. Once hackers obtain customers' personally identifiable information (PII), including everything from full names to birthdates, bank account and Social Security numbers, they can use this information to assume false identities, open credit card accounts, or apply for loans.
Fortunately, organizations can now take simple, affordable, proactive steps to help diminish the risk of breaches and minimize damage should they occur. The critical component is implementing PII protection as part of a company CRM strategy. This is instrumental and is accomplished by applying data breach protection solutions. By implementing and communicating this layer of security protecting customer data, companies can establish greater confidence on the part of their customers.
It Pays to Protect
As the risk of fraud that leads to identity theft continues to increase, customers will require more and more from businesses to keep their PII safe. If companies do not meet these demands, they open themselves up to customer loss—and potentially devastating financial loss. Today's average breach costs a company $5.5 million. This equates to approximately $194 for each stolen customer record, according to a study by the Ponemon Institute and Symantec.
Businesses that are exposed to data breaches face a tough regulatory landscape. Laws in 46 states require merchants to give timely notification to victimized customers, as well as provide these customers with guidance on next steps and recovery measures. A company with hundreds of thousands of affected customers across 10 states would have to meet the separate disclosure laws of each jurisdiction. Failure to do so can result in steep fines, enforcement actions from state and federal regulators, and customer lawsuits.
Adopting Preventative Measures and Solutions with CRM
Complete fraud protection requires information security policies and incident response plans. We call these policies and response plans "preventative measures." Strong preventative measures can help businesses develop and implement best practices in a manner compatible with existing CRM systems. Data security, including both business data and personal information, should enhance CRM functionality. It should operate in harmony with customer outreach to assure customers that their personal information is well guarded. For instance, companies can strengthen relationships with customers by educating them on the risk of sharing data with unknown third parties without prior consent. Companies can also provide customers with information on their policies aimed at preventing access to confidential information.
Protecting customer data and personal information is a great first step. However, more and more businesses are now offering identity management solutions to customers who experience identity theft. Identity management solutions include providing an efficient, quick response to breach situations that help minimize financial loss, reputation damage, and additional harm to customers.
Preventative measures should offer the following features to ensure a prompt response to breaches that leaves a positive impression on customers:
- Breach incident planning. This helps companies design breach process flows, develop forensics checklists, assign internal breach incident team roles, and draft external notification guides.
- Access to post-incident support. Such support gives businesses the resources they need to carry out the recovery and customer notification processes. Support can include customized victim notification letters, call center support to handle victim concerns, and outside forensic experts to help investigate root causes of the breach and isolate vulnerabilities.
Adding preventative measures to your CRM strategy is easy. A structured approach to the planning process enables security policies to emerge quickly, equipping organizations to manage fraud risk and to feel confident in their abilities to address potential breach crises. As breach incidents continue to capture headlines, your customers will feel secure with the knowledge that you have policies and plans in place to protect their best interests—and your most valuable assets.
Dale Dabbs is president and CEO of EZShield, which specializes in identity theft management solutions.