The document discusses customer relationship management (CRM) systems and the importance of securing sensitive customer data. It notes that while CRM systems aim to optimize customer satisfaction, many companies do not adequately protect private customer information. The document advocates for CRM systems that limit data access, encrypt data storage, and divide data across secure databases in order to responsibly manage the sensitive customer information entrusted to companies.

1. © 2014 KlugTech www.klugtech.com
Secure Databases?
Security Factors in CRM
Thom Poole
CIO - KlugTech

2. An enterprisewide business strategy designed to optimize profitability, revenue!
and customer satisfaction by organizing the enterprise around customer!
segments, fostering customer-satisfying behaviours and linking processes!
from customers through suppliers
A combination of software and a customized software process to help companies!
gain a competitive advantage in either sales, marketing or customer service
MondoCRM
A comprehensive business model for increasing revenues and profits by focusing on customers
An application used to automate sales and marketing!
functions and to manage sales and service activities in an organization
© 2014 KlugTech www.klugtech.com
What is CRM?
A way to identify, acquire, and retain customers, a business’ greatest asset
Martin Walsh
A widely implemented model for managing a company’s interactions!
with customers, clients, and sales prospects

3. © 2014 KlugTech www.klugtech.com
BUT…
…so far, so good
No mention of personal data/behaviours
No mention of security
No mention of a responsibility on the data ‘holder’

4. © 2014 KlugTech www.klugtech.com
Data Management
• People and companies entrust
sensitive data to others, but if
data management is insecure…
• Recent breaches include some
big-name companies
• So who can we trust?

5. © 2014 KlugTech www.klugtech.com
The Challenge

6. The price we have to pay for money is sometimes liberty
© 2014 KlugTech www.klugtech.com
Robert Louis Stevenson
… but who is earning the money, and who’s liberty is at risk?

7. What do we expect from CRM vendors/developers?
What Customers Want
© 2014 KlugTech www.klugtech.com

8. Collect only what you need
Too many companies collect"
too much information
Should systems require justification for!
collection of certain data lines?
© 2014 KlugTech www.klugtech.com

9. Divide & Conquer
© 2014 KlugTech www.klugtech.com
Why should all the data be held in a single database?
Swiss banks don’t keep all the access information in one place!
for a private bank account – why should a CRM system?

10. All [too] Powerful
Does a single person really need access to the whole database?
© 2014 KlugTech www.klugtech.com
Limit access
Prevent database downloads

11. Safe Harbour?
© 2014 KlugTech www.klugtech.com
Do companies actually create ‘safe harbours?
Data in the US must be held safely – is it?
Do ‘home’ companies hold data safely?

12. Principles of Safe Harbour
Notice - Individuals must be informed that their data is being collected
and about how it will be used.
Choice - Individuals must have the option to opt out of the collection and
forward transfer of the data to third parties.
Onward Transfer - Transfers of data to third parties may only occur to
other organisations that follow adequate data protection principles.
Security - Reasonable efforts must be made to prevent loss of collected
information.
Data Integrity - Data must be relevant and reliable for the purpose it was
collected for.
Access - Individuals must be able to access information held about
them, and correct or delete it if it is inaccurate.
Enforcement - There must be effective means of enforcing these rules.
© 2014 KlugTech www.klugtech.com
EU Directive 95/46/EC on the protection of personal data

13. With great power comes great responsibility
Take Responsibility
© 2014 KlugTech www.klugtech.com
Voltaire
Knowledge is power
Francis Bacon

14. What do we expect?
• Secure, encrypted customer databases
• Limited, relevant access to all data
• ‘Safe Harbour’ – everywhere, for all data
© 2014 KlugTech www.klugtech.com

15. The Security Expectation
Use the 4 key identifiers
• Something you KNOW
• Something you ARE
• Something you DO
• Something you HAVE
© 2014 KlugTech www.klugtech.com

16. Security Management
• We are too trusting of people
• Rely on a single factor – Something you KNOW
• Intelligence is flawed
• Trust must be restored
© 2014 KlugTech www.klugtech.com

17. What’s Stopping You?
• Take security seriously
• Split up your databases
• Use encrypted, multi-point security
• Limit data access
• Keep parts of your system clean & free from all
outside influences
• Work with your customers
© 2014 KlugTech www.klugtech.com

18. © 2014 KlugTech www.klugtech.com
KlugTech
• KlugTech was created to address the usability
and security of the Internet of Things
• We have created a modular approach to
securing your systems, but with a single, safe
interface
• Domestic Solutions
• Enterprise Solutions
• Transport Solutions
• Healthcare Solutions
• Public Sector Solutions
• Smart Power Solutions
• Venue Management Solutions
• Retail Solutions
• Delivery/Logistic Solutions
• Education Solutions
• Smart City Solutions
• Agricultural Solutions
• Security Solutions
• Database Management Solutions
www.klugtech.com