By Isaac Kohen, founder of Teramind, provider of behavior analytics, business intelligence, and data loss prevention (“DLP”) for enterprises.
Data is the lifeblood of the digital economy, powering everything from the personalized experiences that propel engagement to the artificial intelligence (AI) systems that promise to usher in the next era of online ventures. It has been described as the world’s most valuable resource, with critical elements enabling growth, development and innovation. A 2023 Earnst and Young analysis notes, “Data is a company’s most valuable asset. It offers untapped potential for growth, sparks new opportunities and is the foundation upon which we can build a better working world.”
While data collection and analysis were once opaque to the customer, taking place behind a veneer of free services and individualized experiences, today’s consumers are aware their data has value and are more skeptical of companies trying to collect and capitalize on it. At the same time, consumers feel that their data is less secure, privacy less protected and preferences less acknowledged, creating a widening chasm between companies and customers regarding data collection. In many cases, they have the receipts to validate their distrust. From a seemingly unending list of data breaches to egregious privacy violations, companies continue demonstrating that they can’t or won’t take the necessary steps to value or secure customer data appropriately.
If data truly is one of our most valuable assets (and it is), then business leaders need a hard reset in our approach to collecting, analyzing, storing and implementing customer data. Based on my experience in data management and security, here are three steps you can take to begin restoring customer confidence in your organization’s data use practices.
1. Be transparent about data collection policies.
Instead of hiding data collection practices behind a curtain of thickly worded privacy notifications, be transparent about your practices, communicating in plain language the means, method and justification for collecting customer data. As Adobe helpfully explains, “Data transparency is the practice of using data intentionally and honestly, according to both the law and business ethics.”
This is especially important as companies across industries invest in and develop AI systems that ingest expansive quantities of customer data. According to Cisco’s 2023 Data Privacy Benchmark Study, “92% of organizations say they need to be doing more to reassure customers about how their data is being used.”
When creating your data collection policies, here are some areas I recommend including for full transparency:
• Inform clients about your data handling methods.
• Present an inventory of the data collected, for clients to examine.
• Craft comprehensible privacy guidelines.
• Empower clients with control over their data.
Remember, transparent data collection policies aren’t just a “nice to have” accoutrement. They’re a regulatory imperative as consumer privacy regulations force businesses to be better stewards of people’s information and preferences.
2. Minimize data access within the organization.
Employees and privileged users often have unfettered access to customer data, creating opportunities for privacy violations and misuse. For example, in 2021, Facebook fired multiple employees for accessing user data for “nonbusiness purposes.” According to the company, over 16,000 employees had access to users’ private data, creating a sprawling information ecosystem that was difficult to monitor and protect. In response, the company minimized customer data access within the organization, giving fewer than 5,000 employees access to customer information and fewer than 100 access to “particularly sensitive data such as passwords.” The company’s problem and solution are instructive for companies of every size in every sector.
I believe that minimizing data access within an organization is foundational to restoring customers’ confidence in a company’s data collection practices. To achieve this in your business, consider implementing automated software solutions that:
• Guard against unintended data mishaps by customizing rules that oversee email, messaging and web interactions.
• Ensure your data remains secure with protocols and surveillance for file transfers and activities.
• Oversee and record actions of any individual logged into servers, including external contractors and third parties.
• Safeguard business data outside of regular hours with time-sensitive policies and regulations.
• Monitor high-level user data access through role-determined guidelines.
By minimizing data access within the organization, you can demonstrate care for your customers’ data security and privacy and cultivate trust with stakeholders.
3. Proactively invest in cybersecurity.
Customers may not feel confident in any data collection practices until devastating data breaches are no longer normative. In response to this issue, many companies are investing in cybersecurity solutions that can help protect company and customer data in an increasingly unruly online environment. Unfortunately, too many organizations wait until after an incident to enhance cyber readiness. IBM’s 2023 Cost of a Data Breach report found that “51% of organizations are planning to increase security investments as a result of a breach, including incident response (IR) planning and testing, employee training, and threat detection and response tools.”
Rather than waiting for a cybersecurity incident to erode customer trust and brand reputation, you can proactively invest in cybersecurity by allocating resources to areas such as:
• Employee training and awareness programs.
• Advanced security solutions.
• Personnel attraction and retention.
• Incident response and recovery plans.
These investments can help your business stay ahead of the latest trends and better prepare for emerging risks or undiscovered vulnerabilities. In my experience, this is a cost-effective, trust-building approach that can benefit you and your customers.
Safeguarding Data, Safeguarding Trust
Data stands as a cornerstone of business potential and growth in the rapidly evolving digital age. However, the trust deficit between consumers and businesses over data practices has never been more pronounced. Amid a backdrop of data breaches and privacy concerns, enterprises must reimagine their data collection, access and security approach.
By championing transparency, streamlining internal data access and proactively fortifying cybersecurity measures, you can safeguard your most valuable asset and rebuild the trust bridge with consumers. The future of a digital economy can thrive on mutual trust and respect, and making concerted efforts to nurture this relationship can lead to sustained success.
