How to enhance document security within your CRM software.
Your CRM system contains a wealth of sensitive information and documents. These documents are accessed by employees in the field and potentially by partners and customers. And today, more than ever before, documents may be accessed from many locations and many different devices, including laptops, smartphones and tablets.
But what happens if a device gets lost or stolen? If an employee accidentally posts a document in the wrong place? Or if an authorized user forwards documents or makes copies of them?
Take for example the recent leak of the iPhone 4 internal procedures for handling the antenna issues that plagued many Apple customers. Or worse yet, a leak of specifications of products not yet publicly announced, such as the recent case of Microsoft Windows 8.
How well are your company’s sensitive documents protected in your CRM system? Chances are the answer is: not too well.
Here are five ways to greatly enhance the security of these documents within your CRM system:
1. Encrypt your documents: Make sure that documents you transmit are encrypted. This is usually the first line of defense and ensures that the documents safely reach the intended recipient without the risk of eavesdropping.
2. Consider finely grained role-based security. One big source of document leakage is a disgruntled employee who is resigning to go to a competitor.
Finely grained role-based security can reduce document leakage by establishing a series of focused classifications of your employees in the CRM system, where each role gives employees the privileges they need to do their job (including access to relevant documents) and no more. This prevents them from being able to access all sensitive documents within the CRM system.
3. Educate your staff: Keep your customer service employees up to date on security best practices, so they take basic precautions to prevent systems from being compromised (and documents from being accessed by unauthorized people).
For example, their passwords should use combinations of numbers and letters at least six characters long and they should change them every 30 to 60 days. Employees should also be trained not to open attachments from unknown sources and not to install shareware products, which can load unwanted spyware on the system.
4. Protect your mobile devices: As a part of being able to support the customer anytime and anywhere, customer service employees are provisioned to access information within the CRM system on their mobile devices. Since mobile devices are often lost or stolen, it is critical that you are able to destroy any information, including documents on your mobile device remotely.
5. Ensure documents are protected wherever they are: Once an employee is logged into the CRM system, he/she can access the documents based on their security levels. They can now download these documents into their computer or mobile device, print them or forward to anyone.
Given the high employee turnover in call centers, an ability to protect these documents from falling into the wrong hands is critical. Fortunately, this level of document security is now possible using solutions that can easily integrate with your CRM system.
Such technology places embed instructions inside a document in the CRM system, that tell the document if its recipient can copy, edit, print, save, forward or even photograph the document.
And these embedded instructions can also destroy the document, if you feel that it has fallen into the wrong hands – even if it is stored on their iPad or computer.
With such technology, as soon as the call center rep leaves your company or you believe that your customer/partner being supported by your customer service rep does not need access to the document, you can prevent them from accessing the document, wherever it is, including on a home computer.
Until now you hoped your employee or your partner’s employee respected the NDA clauses they signed at the time of hiring. Now you can make sure sensitive documents that sit inside your CRM system are really protected.
About the Author
Adi Ruppin is vice president of business development and marketing for WatchDox, a software-as-a-service (SaaS) solution that enables the confidential sharing of important or sensitive documents in an easy and secure way.