Customer satisfaction has a new ally: IT security management. Security has become a top-of-mind issue in the wake of recent, well-publicized security breaches -- like those at Target and Nieman Marcus -- that have undermined consumer confidence and eroded brand value.
Despite the challenges, a number of forward-looking enterprises are implementing new identity and access management technologies to improve their security profiles. At the same time, they’re hoping that better security will also increase customer trust, engagement and retention.
“The latest identity management and authentication approaches let businesses have a more intimate understanding of customers. With this knowledge, companies can simplify the customer experience, which encourages trust and loyalty,” Mike Denning, Senior Vice President and General Manager of CA Technologies’ security business, told me recently. “When you have that trust, customers are more willing to listen to recommendations, the way they would with a friend.”
Tapping Big Data Techniques
What are companies doing differently?
One approach is for IT to apply the same big data analytics technologies to identity and access management as are already being used by sales and marketing to understand customer behaviors and anticipate customer desires.
Analytics and machine-learning algorithms can identify users based on their online behavior, in addition to their log-on details, for example.
Until recently, CIOs and chief security officers focused primarily on perimeter management and keeping the bad guys out. But, with the advent of social networks, mobile apps and cloud computing, the notion of a manageable perimeter is no longer relevant, according to Larry Ponemon, Chairman and founder of security research firm The Ponemon Institute. IT environments are distributed and their boundaries are opaque.
To deal with these increasingly complex, interconnected systems, risk-based authentication -- in which contextual data about users, such as their devices, applications and locations -- can help a business identify authorized users. In addition, Security as a Service can be applied across different networks, cloud services and applications in an information-brokering model.
“For example, I live in the U.S.,” Larry said when I spoke to him, “but my credit card is flagged for a transaction in Beijing. An affiliated [related] system might be able to determine that I’m in China on a business trip, so the transaction would be allowed to go through.” All of this can happen in a matter of seconds, without inconveniencing the customer with lots of questions about his or her identity.
Similarly, a global retailer is putting identity and authentication measures in place so that the consumer’s identity can be managed at the enterprise level -- whether that consumer is shopping on the Web, by phone or in the store. This creates a seamless user experience, Mike said, and gives marketers a better way of understanding consumers’ behavior.
Of course, the market will have to strike a delicate balance between customer convenience and improved security protection. Security and privacy experts seem to be creating more sophisticated and transparent security measures that will deliver greater levels of customer satisfaction. And, in turn, these multilevel approaches to identity and authentication management will drive new benefits for enterprises -- if they are savvy enough to embrace them.
Karyl Scott is a business and technology writer based in Northern California.