Keeping CRM customer data secure isn't a one-size-fits-all task. Indeed, tackling security issues around CRM data demands close examination of vendors as well as internal and external threats -- and it's a vital part of customer relationship management.
The alternative is devastating. Ponemon Institute research indicates that data breaches have serious financial consequences for an organization. According to the most recent Ponemon Institute Annual Cost of a Data Breach study, the average cost of a data breach has risen to $202 per customer record. The average cost of a data breach over four years is $6.65 million.
Companies should consider the issue of CRM and customer data security critically important, and this is true for companies of all sizes, according to Sanjeet Mall, a CRM architect at SAP. A company's most valuable data, he added, should be protected whether or not regulations mandate it.
"Considering the regulations around customer information plus the value of keeping it secure, companies really need to think about security as part of a holistic IT governance strategy," Mall said. "CRM is just one application, but customer data lives in many parts of an organization, typically connecting to ERP or financial systems, supplier management systems, or even living outside the company if in a CRM on-demand solution, and so on."
Pick the Right CRM Vendor
As Mall sees it, the most important tip for keeping CRM data secure is to choose the right CRM vendor. He suggested considering a vendor that supplies CRM solutions and can also advise on how to ensure the security of the entire IT landscape.
"This vendor needs to show that it works with and certifies solutions from security software partners, such as encryption software. It should also be able to show that it can integrate its CRM software with other vendors' solutions where customer data might live, such as ERP and financial systems, supplier relationship management systems, etc.," Mall said. "Buying from a vendor that offers a suite of these applications can significantly simplify this as well, as the integration work is done before it even arrives at the company." (continued...)