Article

The best ways to protect customer information in CX

As digital experiences advance, protecting your customers' information is critical for maintaining trust.

By David Tam, VP of Marketing, Nightfall

Published September 15, 2021
Last updated September 27, 2021

Digital customer experiences are critical for surviving in a connected world. According to a survey of C-suite executives, more than 70 percent of CIOs increased investments heading into 2021 to improve customer experience. At an increasing rate, restaurants adopted app delivery services, fitness memberships pivoted to virtual exercise experiences, retail fully embraced e-commerce, and office work accelerated business services like Zoom, Slack, and DocuSign.

In a connected world, information security is critical, and companies must comply with industry regulations and standards for general security and privacy frameworks. While maintaining trust with your customers, it is your responsibility to protect your customers’ information once it arrives in your ecosystem. According to research from a Finances Online report, the help desk software market share is projected to reach $11 billion by 2023. As digital experiences improve in a more conversational world, more communication channels now exist. In addition to phone and email, businesses must now also communicate via messaging apps, forms, surveys, SMS, social media, help centers, forums, bots, video conferencing, and more.

With a good customer experience, your customers also expect security and privacy. Often, risk comes from human error, from either the customer’s end or your agents. Your customers expect to get answers to questions quickly and, when they trust you, many unknowingly share sensitive information, often in unsecured ways. That’s why it’s critical to develop a best practices program for employees and create a process to audit your existing applications and systems. Here are our tips to protect your customer’s information in your CX workflows:

1. Remind your customers to avoid sharing sensitive information

It's difficult to control what information your customers will provide to you. Many times customers are reaching out to you via support channels to find a resolution to an issue and in doing so they may submit private or sensitive information that you should not store in your support tickets. A simple fix is to show a reminder or warning to customers as part of your CX to refrain from entering or uploading sensitive information when they submit a request or to incorporate reminders into templated responses from your support team. By doing so, this prevents sensitive information from entering your database. The best defense mechanism for protecting sensitive information is to not store it at all.

2. Educate your customer service agents to avoid entering non-pertinent sensitive information

Suppose your agent is communicating with your customers via an email, messaging app, or over the phone and your customer offers information that is sensitive but not pertinent for the support ticket. In most cases, training your agents to not log this information will act as a safety protocol to prevent ingesting sensitive information. Offer information security training for your new agents and emphasize not to record non-pertinent sensitive information. Embedding information security tips as part of the onboarding process will help reinforce the best practices for handling sensitive information for your agents by providing periodic training.

3. Redact sensitive information with the Ticket Redaction App

Despite warning your users and training your agents, mistakes can still happen. Enable Zendesk’s Ticket Redaction App for agents to prevent sensitive information such as ID numbers, credit cards, passwords, and more from being stored within a ticket as text or in an attachment. This is a free tool that Zendesk provides to prevent sensitive data in new tickets. With this app, both support agents and administrators using Zendesk can redact strings of text or attachments from a ticket on an ongoing basis.

4. Audit your CX platform for existing risks

Many times, sensitive information already exists in your database. When this is true, you will need to go into your system to look for and remediate data policy violations. The difficulty here is that you will often not know exactly what type of information you are looking for to remediate. You can either go in manually to inspect each ticket or use a data classification and protection solution like Nightfall's Developer Platform to scan your tickets in bulk with machine learning to detect over 150+ types of sensitive information. If your process for handling sensitive information is lacking, you could be left vulnerable to data sprawl where highly sensitive customer information proliferates from your CX platform and beyond into third-party applications that are connected in the workflow at a rapid rate. Get a free report from Nightfall to discover what type of sensitive data exists in your Zendesk tickets, comments, and attachments.

As engagements between consumers and businesses now depend heavily on these digital experiences, personalized CX has become table stakes. According to Zendesk’s 2021 Digital Tipping Point guide, 75 percent of customers expect personalized experiences each time they interact with a brand. Once a person becomes your customer, they expect you to not only deliver on your promise of the product or service but also to provide them with good support. They trust you with their information as they engage with you so that you can forge a strong relationship with them, and they act in good faith that the company will take measures to protect that information. Service providers must be accountable for preventing data leakage of PII and other sensitive information from sprawling out of control. By ensuring all your customer data is securely packaged up for your agents to access, you will be able to create personalized experiences, maintain customer trust, and build strong relationships.

Nightfall + Zendesk

Nightfall partnered with Zendesk to bring the Zendesk community an easy way to discover, classify, and protect your customer’s information in Zendesk. Nightfall scans Zendesk for sensitive information including PII, PHI, credit card numbers, and more that may proliferate in customer communications. Monitor security risks and ensure compliance with regulatory regimes like HIPAA, PCI, GDPR, CCPA, and others. Learn more about Nightfall on the Zendesk Marketplace.

Discover sensitive information within your customer support. Learn more.

How to migrate your help desk system

Prioritize and protect your customers' information. Learn what your business needs for a successful help desk migration.