Thursday, May 22, 2014

Bad Customer Service vs. Data Breaches: Competing for "Best Way to Lose Customers" Award

So which is worse: bad customer service or a data breach? Well, when it comes to brand reputation and customer loss rate, they may be equivalent.

identity theft, ID protection, data breach, information securityCustomer service has always been a sticking point for brands. After all, a bad in-store or phone experience with a company can send customers heading for the door, never to be heard from again. Environmental disasters also still rank high on the list of reasons customers may consider discontinuing their loyalty to a brand or company (think Exxon Mobile or BP). Yet, according to a recent study by the Ponemon Institute, customers now rate data breaches right along with customer service and environmental disasters as a major reason to ditch a company and run into the loving arms of its competitors.

It was really bound to happen, if you think about it. With the increase of very highly publicized data breaches in recent years (think Target a few months ago and eBay getting headlines today), customers are beginning to sit up and take notice. After all, the threat of identity theft promises much worse consequences than a bad experience with a rude customer service rep, and it hits much closer to home than an oil spill hundreds of miles away.

The average American consumer understands the long-lasting and potentially devastating effects of a breach of their personal information. According to the study, “prior to having their personal information lost or stolen, 24 percent of respondents (customers) said they were extremely or very concerned about becoming a victim of identity theft. Following the data breach, this concern increased to 45 percent, Ponemon says. Almost half of respondents feel their identity is at risk for years or forever.”

And yet, it seems that companies are just catching on. It’s not enough to manage the press after a disastrous security breach. It’s high time that data security, security awareness training, and social engineering were given just as much care as customer service training. It’s not enough to put firewalls and technical blocks in place, since it’s been proven time and again that social engineers and other thieves can get around them. It’s not enough to just offer free identity protection after a breach. In fact, the Ponemon study suggests that only 30% of customers even accept the offer of free ID protection services. 

And here’s the real irony: customer service departments are often the first areas to target by those interested in swiping sensitive information. So, in an effort to keep customers content, management throws money, time, and training costs at customer service to create employees that generate a positive experience for every customer—but who may also be opening the door to a data breach every day.

After all, it’s pretty easy to steal sensitive information from someone who is desperate to make you happy at all costs. 

It’s high time for a more proactive and well-rounded approach that promotes good customer service and information security. Sound impossible? It’s really not. It just requires that the powers that be in each corporation reject the traditional silo mentality and start collaborating, creating solutions that meet both needs. While employees may be the ones handling the customers on a daily basis, management is responsible for setting them up for success or failure—and unfortunately, there is often a real disconnect between security and customer service in the minds of those in charge. 

Customer service and security—you can have both, and can keep customers in the bargain. It just requires care, concern for the safety of every piece of sensitive information, and a willingness to spend time creating valuable security questions and sympathetic customer representatives with both the best interests of the company and the customer at heart.