Customer data platforms rise to the challenge of cybercrime

Understanding customer needs has been a challenge for businesses since the dawn of commerce. The Covid restrictions, at least, made their growing desire for digital transactions evident. But this shift means companies now need to replace existing customer relationship management software with something that can handle multi-channel online interactions.

Many companies have chosen to replace or supplement their existing systems with customer data platforms, which allow them to automatically collect data from any “touch point” – including social media, websites of the company, e-mails and SMS.

This has led to the rise of platforms such as Twilio Segment, which is now used by over 20,000 companies including Levi’s, IBM and Fox.

These platforms, which provide businesses with a single repository of customer data, use artificial intelligence and data analytics to help businesses understand their customers, acquire new ones, and conduct personalized marketing.

Technology can also make it easier to manage customer data and privacy preferences.

Sheryl Kingstone © Eric Baumann

“If you know where. . . [customer] data is you’re ahead of a lot of companies,” says Sheryl Kingstone, research director specializing in customer experience at consultancy 451 Research. “Many companies don’t even know where all their customer data is.”

But the consolidation of data – including names, addresses, financials and contact details – creates a tempting target for hackers.

“If you put all your data in one place, it becomes a very lucrative target for cybercriminals, for economic disruption or theft for monetization,” says Duncan Brown, vice president of enterprise research, Europe , at the research company IDC. “[Customer data platforms] are essentially databases.

Security threats can include “phishing” – where cybercriminals pose as legitimate organizations to trick consumers into divulging passwords and payment details – and “ransomware” attacks, which involve the use of “malware” to encrypt the data, then ransom the owners of the data. .

Ransomware is now increasingly used against retailers, according to research by software company Sophos.

Even if the information on a customer data platform is anonymized, it may not be secure. Skilled cybercriminals may be able to piece together connections within large amounts of anonymized data – for example, using zip codes, medical and financial records and voting preferences – to “re-identify” an individual or, cut it down to about five people, Marron warns.

However, companies using customer data platforms say they are strengthening, rather than weakening, their cybersecurity.

Gap, the US clothing retailer, says it uses an unnamed data platform as a “central repository of business data”, for marketing, demand forecasting and to make its supply chain more efficient.

A company spokeswoman explains that it uses “access management” – a technology that restricts access to a computer system – as well as encryption and anonymized data to protect its platform from cyber threats, reducing overall cybersecurity risks.

Pedestrians walk past the closed GAP lighthouse in San Francisco
© Justin Sullivan/Getty Images

In the UK, Jardine Motors Group, a luxury car dealership with more than 2,700 employees, is using an Informatica customer data platform as part of a digital transformation program.

Alex Brown, the company’s digital marketing and transformation manager, says it can control employee access to customer data stored on the platform and maintain an audit trail of changes to that data.

According to Tom Strachan, senior vice president of sales and marketing at Lytics, a platform provider, cyber risks can be further reduced if companies store most of their customer data in a large, cloud-based data warehouse. cloud. These facilities are provided by companies such as Google and Amazon.

Under this arrangement, a platform can send a query to the data warehouse – for example, “tell me which customers have purchased a blue bicycle helmet in the last 30 days” – which will extract the information relevant anonymized and encrypted client, including a “hashed” client email.

This information is added to a customer profile in the Customer Data Platform and, using separate software, used to generate personalized offers and marketing campaigns.

However, no matter how much data a platform stores, its security will only be as strong as that of other computer systems it connects to, experts point out.

“The real challenge around cybersecurity. . . is it [it] is quite difficult to get right,” says Frank Ford, global cybersecurity practice leader at Bain & Company, a consulting firm. “The overall level of cybersecurity in the industry is generally not good.”

Security could be challenged by a rapid increase in Internet-connected devices, the so-called “Internet of Things”. According to experts, machine-to-machine communication, including interaction with a customer data platform, could be difficult to monitor and control.

“How do you know [if an] application . . . is authorized to view this customer data and, more importantly, which parts of the data can he access? said Bharat Mistry, CTO, UK and Ireland at Trend Micro, which provides cybersecurity technology and services.

Experts advise companies to follow best practices in information security, including the concept of “security by design” – using software and hardware that is designed to be secure and whose security is tested during and after installation. They also recommend monitoring the technology to flag suspicious activity, such as an employee extracting a large amount of customer data from the platform outside of normal business hours.

“Create a profile of what a typical user does with their[customer]data,” advises Peter Gooch, partner in cyber risk services at Deloitte, a consulting firm.

To maximize the marketing benefits of customer data platforms without compromising highly sensitive information, most companies will need to install additional protections and review their overall cybersecurity, the advisers add.

“Think of them like Lego building blocks,” says Mistry. “The [customer data platform] is almost like a house that has already been built for you. What you need to think about now is the . . . fence and gate and door lock before you get home.

About Dora Kohler

Check Also

Mirum Wins IDFC Mutual Fund Digital Mandate

Mirum, a leading full-service digital solutions agency of the WPP Group, has won the digital …