Free DownloadWhat is customer experience management (CEM or CXM)?
Positive customer experiences can boost both a company’s reputation and bottom line, but negative ones can have the opposite effect. Crafting and implementing a customer experience management strategy is essential. This guide explores techniques and tools that can help organizations construct and implement an effective customer experience management plan.
How to fit customer experience security into your strategy
Most organizations overlook security in their CX strategies. However, with collaboration, personalization, CIAM controls and more, organizations can offer a secure and positive CX.
Although organizations claim to prioritize customer needs, many fail to incorporate security into their CX strategies.
Organizations should focus on security in all customer interaction channels as customer expectations and digital threats continue to evolve. To balance CX and security, CX leaders can encourage interdepartmental cooperation, develop attacker journey maps, personalize customer identity and access management (CIAM) controls and more.
Why incorporate security into customer experience?
As explained below, the proliferation of digital channels has led to increased cyber attacks. And while customers want increased convenience, they’re unwilling to sacrifice their security for it.
Convenience. The myth that convenience comes at the cost of security has led to a siloed approach to enterprise security. Time-consuming authentication processes can create bad website experiences that turn customers away. Yet, cyber attacks can do more damage to CX than a bad web experience, so many organizations sacrifice smooth CX for security. Instead, they should balance security and the customer journey with seamless, sensible and consistent security measures for critical services and systems.
Protection. In addition to convenience, customers expect security by design. People want frictionless experiences across authentications, logins and cross-channel interactions without compromising security. A growing list of privacy laws reflects customer demands for more privacy options -- including the ability to opt out, refuse cookie trackers and request data expungement.
Cyber attacks. As digital channels widen the CX domain, the potential for cyberthreats such as account takeovers, fraud, phishing and ransomware increases. The pandemic also accelerated these trends, as remote work measures prompted organizations to expand their digital channels. Additionally, customers spend far more time online now than before the pandemic, which opens the door for more cyber attacks.
5 steps to integrate customer experience security
To integrate security into a CX strategy, organizations should embrace collaboration, personalize security controls, identify attack vectors and more.
1. Start with culture
Organizations should encourage a culture of collaboration between security teams and other departments such as IT, product, customer service and marketing teams. Every department plays a role in customer experience security and should all be trained accordingly.
CX leaders have a clear sense of how different customer segments or personas engage with their organizations. CX teams use research, maps, tables, A/B testing and analytics to determine types of customer personas and their preferences, common paths and touchpoints throughout the customer journey.
Organizations should tailor their security measures to specific personas and specific phases of the customer journey. Just as customers differ in their preferences, in each journey phase they can differ in awareness, pain points and requirements related to security, privacy, data and device governance.
Journey phase
Questions to ask
Common CIAM functions
Awareness
How do different personas manage common digital security actions such as password tracking, registration and mobile authentication?
Secure credentials
Consideration
As prospects evaluate services, what levels of education and support, such as Q&As and customer service, could create trust?
How can account registration and onboarding engage users around security?
Secure credentials
Account login
Account and device registration
Account security and privacy customization
Decision
How can CX teams enable seamless and secure web experiences when customers make an account with an organization?
What interfaces, such as account and password settings, can enhance UX and maintain security?
Account login
Password reset and recall
Multifactor authentication
Device recognition
Identity proofing
Fraud detection
Data privacy and compliance
Service and retention
Will different personas require different security configurations, such as session lockout duration?
How can touchpoints that promote customer flexibility -- such as logins, portal access, customization and bill payment -- improve security?
What is the plan for when a breach occurs?
Reauthentication
Account security and privacy customization
Password reset and recall
Anomaly detection
Automatic lockouts
Session policies
Advocacy
What ideas or new policies for security enhancement can organizations use to incentivize customers?
How can organizations design secure account termination processes based on personas?
Account management
Account reactivation
Account deactivation
Account termination
Deprovisioning
Data privacy and compliance
3. Develop attacker journey maps
As organizations integrate security into CX strategies, they should create attacker journey maps. These offer a view of all potential attack vectors, such as phishing and malware. Attacker journey maps, along with tools like vulnerability scanning software, can help organizations find systems' weak points.
Cybersecurity groups, such as the SANS Institute, offer research and training to help organizations identify areas that need stronger security controls, such as reauthentication, mobile device management and timeout and logout functions.
4. Apply CIAM controls to high-risk areas
If organizations assess weaknesses and security requirements across customer and attacker journeys, they can find where and how to apply CIAM controls. Organizations often start with their most critical attack vectors, then apply CIAM functions such as multifactor authentication, identity proofing and anti-fraud verification to secure vulnerable areas.
Ultimately, modern CX should meet -- and protect -- customers where they are.
Organizations should tailor CIAM functions to specific attack vectors. For instance, to protect against compromised credentials, organizations may implement stricter password policies and two-factor authentication. To prevent encryption weaknesses, on the other hand, organizations can craft policies that enforce encryption in flight and at rest.
5. Define and maintain governance policies
Organizations need governance, risk management and compliance to keep up with evolving security and CX landscapes. Research, attacker journey maps and CIAM controls can help organizations integrate security into CX, but they aren't one-and-done solutions. Business leaders must repeat and update their security and CX strategies as customer preferences, digital channels and attack vectors evolve. They should also develop metrics for success and engage with partners and stakeholders to share and learn from best practices.
Ultimately, modern CX should meet -- and protect -- customers where they are.
