For many businesses, sharing information has clear benefits -- it enables collaboration across departments and makes it easier for any contact center agent to help any customer -- whether they reach the center using email, phone, chat or social media.
Despite what children's shows like Sesame Street would have one believe, however, there is a downside to sharing.
The more access there is to customer data, the greater the opportunity for someone with malicious intent -- and today, tales of customer data misuse abound.
Brandon Leach, a senior database administrator at Network Health, a health insurance company based in Medford, Mass., discussed the possibility of employees at any organization looking up the health records of a celebrity -- or even just a normal, everyday person.
This sort of thing is fairly common, according to Leach. "Let's say a football player gets injured practicing," he said. "They're treated at the hospital. Someone at the hospital is thinking about betting on the upcoming game, and has access to that player's record."
A snooper can study that player's medical history and tell whether he will make it back onto the team for that game, say, and maybe place some bets accordingly. Not only is this a violation of the athlete's privacy -- it also could destroy the medical provider's professional reputation.
Media reports about leaks of sensitive customer information abound. The recent hacking of British telecom giant Vodafone was big news, and there's no shortage of stories about employees taking information home on thumb drives, only to lose them. That's what happened in August 2013 when an outside vendor contracted by the Boston public school system lost a flash drive containing data on 21,000 middle and high school students.
What happens to data once it falls into sinister hands? Criminals have been known to get medical care or prescriptions under other people's names -- something those victims learn about later, when they hear from collection agencies. If the customer information contains a Social Security number, a thief could apply for a loan or a credit card, ruining a person's credit and maybe even his or her chances of getting a job.
Solving the problem requires a delicate balance
The good news is that there are ways to ensure customer data security while giving the right employees insight into customers.
It's important to make sure that only those who really need to view private customer data have access to it. Jeremy Roche, CEO of FinancialForce.com, a financial management system designed to run in tandem with Salesforce.com, said his customers use role profiling, which allows a FinancialForce employee to see only the customer information that is pertinent to his or her job.
"Let's say I want the salesperson to know what the customer's balance is, what outstanding invoices they've got and what credit they've been issued, but I don't want them to see any other financial transactions," Roche said. "I switch on what I want each department to see, and [that is what] appears on their screens."
This switch-on-switch-off functionality protects information and allows marketing teams, for example, to see demographic information in the CRM system while leaving out customers' personal details like names, addresses and Social Security numbers. At the same time, role-based profiling ensures that the much-needed information makes its way to the right people.
While using role-based permissions is a fairly common tactic, there are some tips and best practices that will help ensure success.
"We break departments down into security groups. Even within departments, there are different levels of privilege. In doing so, we're able to restrict access in any way that we want," said Leach, who uses Microsoft SQL Server, among other database technologies, to store and manage Network Health's customer records. "We specify permissions [within the database] like read and write on a file level. You can even specify who has permission to launch an application."
One way Leach hides patient information from prying eyes is to implement many levels of security. "We have stuff that exists outside of the regular network that only certain folks are able to get into," he said. He also suggested encrypting all sensitive data to protect it from being compromised. In environments like Leach's, which need to comply with the health care privacy law commonly known as HIPAA, or the Health Insurance Portability and Accountability Act, access is based on need, and decisions are made on a need-to-know basis. "For example, folks in claims need to see claim information but not necessarily case information," he said.
Leach also had some practical advice for those who want to thwart rogue employees who steal customer data. "Do most of the permissions handling and authentication through Active Directory" or a similar access management tool, he said. While his advice is specific to Microsoft SQL Server, most database systems have user management applications to add or purge users quickly and simply. "That way, for example, when an employee leaves, you can immediately cut their access before they're even out the door. It's one-stop shopping to make sure the cutting of their permissions happens on all levels."
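The role profiling Roche describes and the Active Directory-backed security groups Leach describes can be combined in SQL Server along the following lines. This is an added example, not code from Network Health or FinancialForce; the table, columns, roles, test user and `EXAMPLE\...` group names are all hypothetical.

```sql
-- Hypothetical schema: every table, column, role and group name is illustrative.
CREATE TABLE dbo.Customer (
    CustomerId          INT           NOT NULL PRIMARY KEY,
    FullName            NVARCHAR(200) NOT NULL,
    StreetAddress       NVARCHAR(400) NULL,
    SSN                 CHAR(11)      NULL,
    AgeBand             VARCHAR(10)   NULL,   -- demographic fields
    Region              VARCHAR(50)   NULL,
    Balance             DECIMAL(12,2) NOT NULL,
    OutstandingInvoices INT           NOT NULL,
    CreditIssued        DECIMAL(12,2) NOT NULL
);
GO
-- One database role per job function; permissions attach to roles, never to people.
CREATE ROLE sales_reader;
CREATE ROLE marketing_reader;
GO
-- Sales: balance, outstanding invoices and credit issued, nothing else.
GRANT SELECT ON OBJECT::dbo.Customer
    (CustomerId, Balance, OutstandingInvoices, CreditIssued)
    TO sales_reader;
-- Marketing: demographics only.
GRANT SELECT ON OBJECT::dbo.Customer (CustomerId, AgeBand, Region) TO marketing_reader;
-- A column-level DENY still wins if someone later grants SELECT on the
-- whole table to this role by mistake.
DENY SELECT ON OBJECT::dbo.Customer (FullName, StreetAddress, SSN) TO marketing_reader;
GO
-- Authenticate through Active Directory groups: removing or disabling the
-- account in AD removes database access too, with no per-user cleanup here.
CREATE LOGIN [EXAMPLE\CRM-Sales] FROM WINDOWS;
CREATE USER  [EXAMPLE\CRM-Sales] FOR LOGIN [EXAMPLE\CRM-Sales];
ALTER ROLE sales_reader ADD MEMBER [EXAMPLE\CRM-Sales];
CREATE LOGIN [EXAMPLE\CRM-Marketing] FROM WINDOWS;
CREATE USER  [EXAMPLE\CRM-Marketing] FOR LOGIN [EXAMPLE\CRM-Marketing];
ALTER ROLE marketing_reader ADD MEMBER [EXAMPLE\CRM-Marketing];
GO
-- Check effective column permissions as a throwaway member of the marketing role.
CREATE USER test_marketing WITHOUT LOGIN;
ALTER ROLE marketing_reader ADD MEMBER test_marketing;
EXECUTE AS USER = 'test_marketing';
SELECT HAS_PERMS_BY_NAME('dbo.Customer', 'OBJECT', 'SELECT', 'Region', 'COLUMN') AS can_read_region,
       HAS_PERMS_BY_NAME('dbo.Customer', 'OBJECT', 'SELECT', 'SSN',    'COLUMN') AS can_read_ssn;
REVERT;
DROP USER test_marketing;
```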
No stranger to user permissions himself, FinancialForce's Roche agrees that making sure only the right people have access to customer data is good policy. But he's also an advocate of training employees to properly handle sensitive data.
"Today, mishandling is probably the biggest risk to data," he said.
This was first published in October 2013