Galaxy Consulting
  • Home
  • About Us
    • Our Process
    • Meet Us at Industry Events
  • Services
    • Business Analysis and Usability
    • Content and Knowledge Management
    • Records Management
    • Information Architecture
    • Enterprise Search
    • Taxonomy and Metadata Development and Management
    • Document Control
    • Information Governance
  • Solutions
    • Information Overload
    • Compliance
    • E-Discovery
    • Internal and External Websites
    • Enterprise Search
    • Collaboration and New Employees’ Onboarding
    • Customer Service
    • Manual Processes
    • Vulnerability of Sensitive Information
  • Portfolio
    • Our Brochure
    • Our Clients
    • Case Studies
    • Presentations
    • Press Releases >
      • Galaxy Consulting Receives 2016 Best of Redwood City Award
      • Galaxy Consulting Receives 2015 Best of Redwood City Award
    • Videos
  • Testimonials
  • Blog
  • Free Consultation
  • Contact Us
  • Terms of Use/Privacy Policy

Data Security

2/29/2016

0 Comments

 
Picture
Data security should be a priority in your organization.

For hackers, large-scale data breaches such as Home Depot, Neiman Marcus, and Staples are gold mines. For businesses, keeping valuable customer data out of the hands of cyber-thieves is a constant battle. Companies need to safeguard against every possible vulnerability across their entire infrastructure.

In 2014, the total number of reported data breaches in the United States hit a record high of 783, averaging about 15 per week, based on information compiled by the Identity Theft Resource Center (ITRC).

Companies, on average, can expect to encounter 17 malicious codes, 12 sustained probes, and 10 unauthorized access incidents each month, according to research from the Ponemon Institute, a provider of independent research on privacy, data protection, and information security policy.

Despite the growing number of attacks, many companies are still not doing nearly enough to secure their customers' personal and financial information. For many companies, the wake-up call only comes after they have fallen victim to a large-scale, high-profile breach.

Forrester Research noted that outside of banking and national defense, many industries are "woefully immature" when it comes to making the necessary investments in data breach protection, detection, and response.

This prompted Forrester to conclude that most enterprises will not be able to respond to a data breach without undermining their customers' trust or dragging their own corporate reputations through the mud.

Companies need to prevent data breaches from happening. They need to have an incident response and crisis management plan in place. Efficient response to the breach and containment of the damage has been shown to reduce the cost of breaches significantly and goes a long way toward reassuring customers who might have been thrown into a panic.

The first step toward that goal is having a high-level company executive who is responsible for data security. The key to addressing information security is first understanding what customer information is stored in company databases. Create a data inventory and determine what data is sensitive. Then segment out the sensitive and nonsensitive data.

Systematically purge the data that your organization no longer needs.

Take an inventory of all of their IT assets and business processes and analyze them for vulnerabilities that could expose sensitive data, for example, cardholder data. The next step, would be to fix those vulnerabilities. This assessment should be performed at least once a year. Make sure that the company's data security program meets industry best practices, government regulations, and the company's business objectives.

Make sure your web site uses encryption for processing customer's data. Once your company no longer needs customer data, such as payment cards or any other personal information, it should be securely deleted.

It is crucial for companies to segment data so that a breach in one file does not open other data repositories.

Companies should use Internet firewalls at all times, keep their operating systems and other business software up to date, and install and maintain antivirus and anti-spyware programs. Because many companies allow employees to use their own mobile devices, including smartphones, tablets, and laptops for business, these devices should be protected in the same way. Limit some company applications and data so that employees can't access them from unsecured mobile devices.

It is extremely important that companies limit data access to those employees who need it setting up appropriate security permissions in your data systems. You can put data logging in place, with alarms for when something happens out of the ordinary. This way you will know when someone is doing something with the data that does not coincide with their job description.

Contact centers are vulnerable to hackers. They use interactive voice response (IVR) systems for surveillance and data-gathering as a precursor to phishing schemes with agents, who are unwittingly coaxed into giving out sensitive information to unauthorized callers. In most cases, the call center agents is tricked by skilled fraudsters who use a variety of social engineering techniques to get them to break normal security procedures. The only real defense is proper training and protocols.

As many as 35% of data breaches have started with basic human error, such as sending an email with personal information to the wrong person or storing company files on laptops or tablets that were lost or stolen.

Even worse than careless employees or outside hackers, though, are the contact center agents who knowingly engage in illegal activities, using their jobs to gain access to information that they can sell or use on their own.

To help contact centers deal with this threat, call center technology can completely prevent skimming by agents. At the point in the transaction where the agent needs to collect the credit card information, systems can automatically pause recordings. With other solutions, the call can be transferred to an IVR system. Agent-assisted solutions can allow agents to collect credit card information without ever seeing or hearing it. The agent remains on the phone and customers enter their credit card information directly into the system using their phones' keypads. The standard dual-tone multi-frequency tones are converted to monotones so the agent cannot recognize them and they cannot be recorded.

In this environment, contact center managers and other employees need to be trained to spot at-risk employee behaviors. Training alone, though, is not enough. Employees need to know that there will be serious repercussions for violations of company practices and security protocols. Companies need to have a clearly defined formal policy so that employees know if they violate it, there are consequences that they will have to face.

Data security, therefore, has to be a business-wide endeavor. IT professionals, company executives, and employees at every level must work together to protect critical data assets from internal and external threats. Companies need to foster a security-aware culture in which protecting data is a normal and natural part of everyone's job.

Data security is also a constant game of what-ifs. The only certainty is that cyber-criminals will never stop learning and sharing information that will help them to get into high-profile targets. They will never stop trying to break into corporate databases. The information is just too valuable on the black market. The key is to make sure that you are not leaving the front door open for hackers to get in.

Galaxy Consulting has 16 years experience protecting organizations' data. We have done it for many companies. We can do the same for you! Contact us today for a free consultation!​

0 Comments

Successful Self-Service Strategy

2/13/2016

0 Comments

 
Picture
When it comes to customer service, simplicity is critical. Companies can improve customer experiences primarily by limiting the amount of effort it takes for customers to find answers to their questions and accomplish their tasks. Here lies the appeal of Web self-service, which for many consumers has become the preferred communication channel.

Instantly available, 24/7 online customer self-service portals are gaining ground over conventional agent-assisted support, marking a significant shift in consumer attitudes toward the technology. And, contrary to popular belief, interest in Web self-service technologies is not just coming from younger consumers. The technology is changing the behavior of consumers of all generations. In fact, a recent study by Forrester Research found that 72% of consumers, regardless of age, prefer self-service to picking up the phone or sending an email when it comes to resolving support issues. This certainly is welcome news for organizations looking to cut customer service costs and maximize revenue.

There are several elements to consider for successful self-service strategy.

The success of Web self-service depends on the quality and quantity of the information available and the ease with which it can be accessed. Online customers are extremely impatient and information-hungry, so the material available to customers through self-service needs to be succinct and direct, even in response to queries that are not.

The self-service option has to be easy to find on the Web site. To call more attention to the portal, organizations can prominently place a link to the self-service portal on the homepage and other common support pages that feature company, product, and services information. And, since a self-service portal is an extension of a company's Web site, it should have the same look and feel as the rest of the site.

Once on the portal, 80/20 rule applies which means that you assume that 80% of site visitors are looking for about 20% of the content, so that 20% should be easy to find.

As for the content itself, it should be clear, to the point, and easy to understand. This can be achieved by including graphic elements, such as diagrams, charts, and bullet points. When doing so, make sure the graphics are optimized for the Web. If they're not, the Web site could take too long to load, which might cause some customers to abandon it for a more costly agent-assisted channel. Consider keeping content to an eighth-grade reading level, so the average 13- or 14-year-old can make sense of it.

Ensuring accessibility also means that the site should support a variety of Internet browsers, operating systems, assistive technologies for the blind, and, of course, mobile platforms. The latter is becoming more important, especially when one considers that almost a third of all Web traffic today comes from mobile devices.

To make a self-service section even more effective, it can be combined with an automated guidance system that enables site visitors to enter questions and then takes them to specific responses without forcing them to scan an entire database for the answer they need.

One such system is marketed by WalkMe, a San Francisco start-up that enables Web site owners to enhance their online self-service options with interactive on-screen step-by-step instructions displayed as pop-up balloons. The balloons can be programmed to appear automatically when the site visitor rolls his cursor over certain items or when he clicks on a help button.

Customers who can't find answers on their own in a self-help knowledge base might be inclined to call a customer service line, but they are more likely to type their question into a Google search bar, and companies have no control over the results that the Google search returns. This presents a number of problems for a company. Not only has the visitor left your site, but he can find information that you may not want him to see.

Virtual agents are another option companies can use to help customers find what they're looking for. IntelliResponse's Virtual Agent technology simplifies its Web self-service options. The software helps site visitors to find the single right answer to their questions. To keep information current and relevant, it strips outdated FAQ entries, learns over time how to group and respond to questions, and captures data about customer service queries to find precisely what customers need so your organization can fine-tune how it presents information on its Web site.

Companies can also use Web chat to help customers through the self-service maze. It's a tool that's already widely accepted by consumers and businesses alike. LiveWebAssist chat enables agents to push prepared content such as photos, graphics, or Web link, to customers on the site with a single click.

Along with chat and virtual agents, companies can use assisted browsing, or cobrowsing, to move self-service interactions along. This functionality lets the agent—or possibly the virtual agent—temporarily take control of a customer's computer screen. Not only does this improve the self-service experience, but, when interactions move to the contact center through either phone or chat, co-browsing can reduce the average handling time.

It is important to measure response time. Perhaps the most effective measure is the number of customer questions that are submitted and get a response. This can apply to those questions where the customer finds the answer on her own as well as those that are answered through a social community or by a representative of the company. Consider these elements:
  • the number of issues resolved per month through social communities. This includes the number of new questions posed to and answered by the community, the percentage of issues resolved by members of the community rather than company employees, and the number of "this article helped me" votes received.
  • the number of issues resolved every month through FAQs and company knowledge bases. This includes the number of page views that both receive per month.
  • the average cost to resolve issues through channels that involve a company employee. These include phone, email, and chat.
And then, as with any customer service channel, it's important to collect user feedback about the self-help experience. As with any other customer service channel, this can be done through customer surveys, Web analytics and search logs, customer interviews and focus groups, usability testing, and collaborative design processes.

For self-service to be done right, it should be in the interest of the customer. You do not want customers to use self-service because they are forced to. You want them to use it because it serves their needs.

Galaxy Consulting has 16 years experience in optimizing self-service on companies web sites. We can do the same for you. Contact us today for a free consultation!

0 Comments

    Archives

    April 2022
    March 2022
    January 2022
    July 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    July 2020
    April 2020
    March 2020
    December 2019
    November 2019
    September 2019
    August 2019
    July 2019
    May 2019
    March 2019
    February 2019
    January 2019
    December 2018
    October 2018
    July 2018
    June 2018
    May 2018
    March 2018
    February 2018
    January 2018
    December 2017
    September 2017
    July 2017
    June 2017
    May 2017
    April 2017
    January 2017
    December 2016
    November 2016
    September 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    December 2012
    November 2012
    October 2012
    September 2012
    August 2012
    July 2012
    June 2012
    May 2012
    April 2012
    March 2012
    February 2012
    January 2012
    December 2011
    November 2011

    Categories

    All
    Alfresco
    Arena
    Automatic Classification
    Autonomy
    Big Data
    Business Analysis
    Case Studies
    Change Control
    Change Management
    Cloud Content Management
    Cloud Ecm
    Cloud Enterprise Content Management
    Cms
    Collaboration
    Compliance
    Concept Searching
    Confluence
    Content Analysis
    Content Localization
    Content Management
    Content Management Systems
    Content Strategy
    Controlled Vocabulary
    Coveo
    Crisis Management
    Dams
    Data Integrity
    Data Security
    Digital Asset Management
    Digital Asset Management System
    Digital Transformation
    Dita
    Document Control
    Document Control Systems
    Documents Management
    Documentum
    Drupal
    Dublin Core Metadata
    Ecm
    E Discovery
    Engineering Change Process
    Enterprise Content Management
    Enterprise Search
    ERoom
    E-Signature
    Exalead
    Fatwire
    Gamification
    Gmp
    Gxp
    Hadoop
    Information Architecture
    Information Governance
    Information Overload
    Information Technology
    Iso 9001
    IT Systems Validation
    Joomla
    Knowledge Management
    Knowledge Management Applications
    Metadata
    Mobile Devices
    Naming Conventions
    Ontology
    Open Source Cms
    Open Text
    Oracle
    OWL
    Personalization
    RDF
    Records Management
    Risk
    Search Applications
    Self Service
    SEO
    Sharepoint
    Social Media
    Structured Content
    Taxonomy
    Teamsite
    Thesaurus
    Tridion
    Twiki
    Unified Data
    Usability
    User Adoption
    User Centered Design
    Vasont
    Vivisimo
    Web Site Content
    Web Site Design
    Wiki

    RSS Feed

Powered by Create your own unique website with customizable templates.