- Digital Experience
Cybersecurity: What traits to look for in an outsourcing partner
It pays to take customer data security seriously. Cisco reports that for every dollar spent on privacy, the average company benefits to the tune of $2.70, and that the vast majority of companies (97%) see benefits, like competitive advantage, from their privacy spend. In many cases this is attributed to increased customer loyalty and trust — according to Salesforce, 84% of consumers are more loyal to companies that have strong security controls.
Modern consumers value data privacy, but also want personalized service. The right outsourcing partner can help strike that perfect balance, enabling brands to successfully navigate the intersection between security and customer experience.
When selecting a customer experience delivery provider that is right for your business, take the following cybersecurity factors into consideration.
1. Best practices start at the top
The concept of privacy by design was created by Ann Cavoukian in the 1990s, during her 17-year career as the information and privacy commissioner for the Canadian province of Ontario — but it has never been more relevant than in today’s digital age. “Privacy by design advances the view that the future of privacy cannot be assured solely by compliance with regulatory frameworks; rather, privacy assurance must ideally become an organization’s default mode of operation,” Cavoukian wrote.
The idea that privacy should be taken into account at all levels of an organization is echoed in the findings of a recent IBM cybersecurity survey of more than 700 executives across 28 countries. The findings showed that the most secure firms prioritized IT at the executive and board levels, ensuring that it remained the responsibility of all high-level stakeholders.
In short, privacy and cybersecurity can’t be an afterthought. Given its intrinsic ties to both commercial success and risk management, conversations about digital privacy and online security need to start at the C-level.
2. Compliance and certifications
Third-party assessments can help evaluate an outsourcing partner’s level of vigilance and skills in managing cybersecurity risk. One example of a voluntary certification that provides credibility for an outsourcer’s ecosystem is the Cloud Security Alliance (CSA). The CSA certification offers validation of a company’s security posture of cloud offerings. In the same way, the HITRUST CSF offers a robust certification on healthcare data security and privacy that extends beyond the table-stake U.S. legal requirement HIPAA.
When evaluating a potential partner’s cybersecurity capabilities, consider looking for an organization that seeks third-party certifications and attestations that go above and beyond the standard course of due care. Organizations that continually seek third-party accreditations demonstrate their commitment to being a leader in this regard.
Security-on-demand, an innovative approach that allows companies to avoid the lag between procurement and implementation in high-growth scenarios, can help brands meet its cybersecurity needs when rapidly scaling their business by providing customized security capabilities at the click of a button.
Such an approach aims to take the same model from cloud storage and Amazon Web Services, and expand it to cybersecurity. A partner equipped with security-on-demand capabilities can adapt to customer needs dynamically and quickly.
4. Threat reporting and education
Studies show that humans are the weakest link when it comes to executing a cybersecurity strategy. Indeed, we are only human: 47% of employees cited “distraction” as the reason for falling for a phishing scam, according to research from Tessian. The best laid plans for customer privacy can easily be thwarted by the singular act of an employee recording secure customer data on a sheet of paper and disposing of it incorrectly.
A customer experience partner should ensure that employees receive ongoing training and education around privacy and security. They should also have an employee hotline in place and empower team members to report colleagues’ improper handling of sensitive information.
Brands should look for a partner with proactive policies in place for handling sensitive client data and an action plan for any breaches that could occur.
5. Less data, fewer problems
Big data is the new way of the business world, but indiscriminately collecting data without an intended purpose can cause more problems than it solves.
A trusted outsourcing provider will continually assess what they are collecting and storing in order to focus on gathering the minimum amount of data necessary to provide the maximum consumer benefit. It will also have the best technology platforms to store and access customer data safely and securely, which also greatly contributes to protecting customers’ privacy.
Every day, customers share their personal data with brands in exchange for personalized and efficient service with the expectation that it will be safeguarded from digital threats. An outsourcing partner must help maintain that sacred trust as cybersecurity and privacy protection are now an integral part of delivering an excellent customer experience in the digital age.
A full evaluation of a potential contact center outsourcing provider will provide excellent clues as to whether a trusted partnership is feasible. Ask prospective partners, ‘What is your product?’ If the answer is just ‘great customer service ‘ then think twice.