Published on the 17/07/2014 | Written by Brenda Aynsley
With data privacy a hot topic at present, Brenda Aynsely of the Australian Computer Society asks how to keep data safe...
The ongoing pursuit of perfection in business relies a great deal on understanding the needs of the customer and ensuring those needs are met. In previous years though, the act of defining those needs was more difficult than it really should have been. When customers were spread geographically it simply wasn’t feasible to reach out to them individually without incurring a significant cost. There would then be the matter of identifying if there was a strong enough ROI to justify the expense of what really amounted to a direct mail campaign.
In the last decade the pervasive nature of technology has helped to shift the balance of ROI by dramatically lowering the level of investment required. As a result of this, more businesses are now drilling deeper into their customer base and gathering far more information than they ever thought they could. Even the recent changes to privacy legislation in Australia will not immediately slow this gathering of data, although businesses are well advised to ensure they know the changes and are compliant.
While this is undoubtedly a positive for business, it carries with it some significant risk. With so much data being collected, transmitted and stored it is vital that data security be at the forefront of CRM. This doesn’t simply speak to the technical elements of security in storage and transmission, but also to the calibre of staff used to develop, maintain and operate these systems.
Consider this – in 1963 Ronnie Biggs had to stop a train to steal around $A82 million in today’s money. If he had wanted to steal something of the same value now, he could do so by acquiring a USB key with the customer data of a bank on it. Of course, these aren’t readily available, but it only takes one rogue employee to place customer data, and indeed the future of a business, at risk.
It seems, however, that more and more businesses are prepared to hire people to manage their customer data without first identifying whether or not they are a suitable person to be the custodian of such a valuable asset. This raises the question of whether businesses should be undertaking mandatory background checks of potential employees.
What business should consider is whether or not they are hiring professionals to manage their data. In fields such as accountancy, law and medicine the definition of a professional is clearly understood and in some is managed by the relevant professional association often in conjunction with the State. We do not have a legislated requirement for an individual working in ICT – anyone can provide ICT services to a client and yet in many ICT roles, access to private or commercially sensitive information is easy. It does not appear that this will change in the immediate future, which is why the role of recognised industry associations is so important.
Members can be accredited as professionals within their field which carries with it certain guarantees, much like a legal or medical professional and members can be sanctioned in a similar manner should they not uphold the industry agreed standards. This is called professionalism.
The field of customer data management is fraught with risk. It therefore requires a great deal of risk mitigation. In the field of ICT, I believe that professionalism is the best form of risk mitigation. If you thought hiring a professional was expensive, just wait until you hire an amateur and things go wrong.
Brenda Aynsley OAM was a founding member of the South Australian Internet Association and Chair of the SA Committee of the Pearcy Foundation from 2006-2012. In 2008 she was awarded honorary life membership of the ACS, and in 2013 was elected as the first female President of the organisation.