While analysis, customer sentiment and speed to resolution are all priorities in customer experience management, security is a sometimes overlooked but equally important factor.
This is according to Luke Willemse, Sales and Marketing Manager at Decisioneering, a data engineering and AI specialist and local partner of Medallia – a leading real-time experience management platform.
Whether applied to contact centres, customer or employee engagement, or surveys and market research, security and compliance play a crucial role in maintaining trust and brand reputation, Willemse notes.
“It is a key concern among heavily regulated industries and organisations that manage sensitive information relating to their customers. Even where organisations don’t typically deal with sensitive information like bank details and ID numbers, there is still a great deal of information shared in customer engagements that should be kept in-house,” he says. “For example, customer complaints or suggestions should be used to inform product and service improvements, so you don’t want this information made public or falling into the hands of competitors.”
He notes that security and compliance are crucial at every stage of the customer engagement and the data management life cycle – from acquisition to modification, export and sharing, to eventual deletion.
Decisioneering recommends a dual-layered approach to securing this data.
Willemse explains: “The first layer is your technical layer – your end-to-end encryption, APIs and integrations, and access controls. The second layer involves your people and processes. This layer is often neglected, but is equally important. It involves staff training, role-based access controls and instilling a security mindset throughout all operations.”
Training and supervision is particularly important in high-pressure contact centre environments with high staff turnovers, he says. “When you have a constant stream of new agents coming in, you obviously want to get new people straight into the work. It is important to build security into their early training and then have a trainer or supervisor overseeing the new agent in person as the agent starts work. They can guide them through the calls and ensure all security protocols are adhered to.”
Decisioneering guides customers through implementing a dual layer approach to security and compliance with the Medallia enterprise experience platform, he says.
With Medallia, confidentiality, integrity and availability of data are protected with enterprise-grade controls and according to rigorous industry standards, including SOC 2 Type II platform compliance, GDPR/SCCs, CCPA and HIPAA, in addition to HITRUST, ISO 27001, 27017, 27018 and 27701. Medallia is also certified for CBPR and PRP. The Medallia Experience Cloud also provides organisations with complete control over data, with configurable personal identifiable information (PII) settings, granular role-based access, data masking, bring your own key (BYOK) field level data encryption and IP allowlisting.
Willemse says: “All the security and compliance tools come natively, stock standard, in the software that we offer. There is already end-to-end encryption built in, the APIs are already secure, role-based access control is standard, and your mobile authentication is already pre-built into it so agents can easily authenticate their identity before even logging into their account to be able to view customer feedback. Decisioneering takes a comprehensive approach to assuring security and compliance with Medallia implementations, helping optimise processes and offering both technical training and training sessions for managers who will use Medallia, to enable the second layer of security and compliance.”
Share