Web-based CRM solutions and customer data security management

Security breaches are a growing problem for online businesses and keeping out hackers and viruses is a priority for companies using a web-based CRM solution. Web-based CRM solutions must be made secure with at least basic encryption, authentication, firewalls, and SSL certificates, so that customer information will not be compromised. CRM customers have to fully trust the places where they conduct their online business. In addition, companies who have contracts with online CRM software providers should require the CRM provider to address incidents of unauthorized access to the client company immediately so that the company can implement the appropriate response program. 

Steps to keep customers’ data secure

• Encryption scrambles data before it travels from the customer's browser to the company’s site. Customer should see a gold key or lock at the bottom of their browsers letting them know SSL (secure sockets layer) or another encryption method is active. Requiring the customer to type a strong password with a combination of letters and numbers is a good security management method, as is logging a customer out from a secure screen after a set period of inactivity.
   
• Firewalls, both in the hardware and software, strengthen the security between the outside world and the network. A good software firewall can prevent software applications from sending information back to their online source. However, even with a firewall in place, employees may be the greatest enemy to customer security. CRM operators have the ability to allow malicious traffic into the network that will not raise any alerts or violate security rules on the firewall. Additional layers such as intrusion and attack detection systems must be added to prevent online security breaches.
   
• Certificates verify online legitimacy. Certificates like those issued by a government-approved certificate authority (CA), such as VeriSign or Thawte tell customers which websites are the real deal. These CAs do this by issuing digital certificates to third parties once independent proof of their identity has been obtained. Users can check for a server certificate by looking for the browser tool in the Tools menu.

How an online CRM solution should respond to and manage security issues

A response program is a vital part of the customer data security management. Companies can perform background checks on their employees, place access controls on customer information and take all of the necessary steps as discussed above, but sometimes customer data is compromised.

When an issue arises, a response plan must be put into action:

• Assess scope of an incident, and identify what customer information solutions and types of information have been assessed or misused.
   
• Immediately notify law enforcement in situations involving federal criminal violations
   
• Take appropriate steps to contain and control the incident to prevent further unauthorized access to customer information (such as by monitoring, freezing, or closing affected accounts) while preserving online records and other evidence.
   
• Notify customers quickly via their contact information.

Conducting business online is fast and easy, but no company wants to make it easy for hackers to access customer data. Online CRM solutions that keep strong security measures in place will succeed in the Internet marketplace and will ensure their customers’ trust, loyalty and long-term relationship.