Every day we take security into consideration as we go through our daily lives. We lock our doors, secure our credit cards and monitor the world around us. But how are you taking steps to secure your CRM?
Vendors tell us to utilize technology in the Cloud, preach how secure there Cloud is and how nothing bad can happen. The reality is that as a CRM administrator you are the front line of your data security. Security makes up multiple layers, so take control of the elements that you can influence. Remember security is everyone’s responsibility, not just the individual with the job title.
Here are three steps you can take to start securing your CRM:
1. Environment Management: It does not matter how big or small your organization is when it comes to change management. Realize that you will utilize test and development environments as part of change control. How many can say they have a policy in place for the deprecation of these environments when development is complete? Can you? For a majority of CRM products, these environments are clones of your production system. Treat them with the same security scrutiny as a production system.
- Deprecate non-production environments when not in use
- Audit users with the same level of scrutiny as your live system
- Track how customer data is being used in test and development environments
2. Password Security: Passwords continue to be a prime target for infiltrating data systems. There are ways to simplify password security without reducing risk. Functionality such as Single Sign-On and Password Keepers have greatly improved the ability for users to remember credentials. Every day I see administrators using simple passwords to credential users. Take steps to protect your CRM.
- Implement complex password standards for your CRM administrators
- Enforce frequent password change intervals
- Limit who has the ability to reset and provide credentials
3. Policy: The CRM you utilize is by design meant to give large numbers of users access to customer, constituent or user data. Information is now available to staff at an unprecedented scale and volume. Have you taken steps to make sure the written policies are in place to limit your liability and educate the userbase for the CRM?
- Frequently implement and update technology and data policies
- Educate your staff on the potential pitfalls of a data breach
- Monitor how staff are using the information they are accessing via the CRM
Have questions about your CRM? Reach out to me. I’d love to chat with you.
Thanks for reading!