Data security and privacy: The foundation of customer trust

Customers want to engage with companies and services that offer frictionless experiences, and the key to creating those experiences is data – lots of it. One example: collecting data about a person’s behavior or online activity helps route them to the right resource when they call for help or seamlessly guides them through an intelligent self-service experience. The goal of an organization pursuing this level of personalized service is to get a full, accurate view of the customer to make that person’s life easier. But as organizations collect more data, should customers trust them with their information? 

Ninety percent of customers do not, according to one 2024 study, but 78% said they’d be more likely to share their data with a company they trust. Read on to learn more about the challenges of data security and privacy amid the pursuit of innovation, and how the right customer experience platform empowers this innovation without risking business disruption.

As customer experience and data complexity increase, contact centers and their data become more attractive to cyber criminals

Companies of all kinds across the world are relentlessly hit by data breaches. These leaks happen due to weaknesses in technical, human, and organizational factors, and often originate in the contact center which serves as the hub of customer data. Consider these scenarios that happen every day:

• Someone gains access to an agent’s desktop and views sensitive documents or information without proper authorization.
• An unencrypted or unlocked mobile device gets lost or stolen. Over half of companies have experienced a data breach stemming from inappropriate access to an employee’s mobile device, with the costliest breach topping $2.2M.
• A fraudster beats out Knowledge-based Authentication (KBA) to illegally obtain access to a customer’s account. 90%+ of companies still rely on KBA, actual customers fail KBA about 30% of the time, and fraudsters can beat the system 60% of the time.
• Malicious outside criminals (a.k.a. hackers) constantly scan to find weaknesses in tech systems and scan an ever-widening attack surface.  

Data security is truly one of the most critical factors of customer experience and is something that even relatively new technologies are challenged to solve for, and this complexity increases in legacy systems that predate most of today’s modern technology.   

Data privacy: The equally critical issue of customer perception and trust

Are companies being honest with customers about how they use their data, and what control do customers have over their own information? This concept of data transparency is relatively new and has become integral to customer loyalty and retention.

In 2018, the European General Data Protection Regulation (GDPR) went into effect, marking a paradigm shift in how companies operating in the European Union handle and protect personal data, and the rights customers have over their personal data.

The following year, the California Consumer Privacy Act (CCPA) became the first modern privacy legislation in the United States focused on giving people insight and control over how companies use their personal data. It was the same year that the Cambridge Analytica scandal happened, where it was discovered that Facebook user data was being shared with a political consulting firm who used that data to improperly target people for political ads without their knowledge. This shattered customer trust and their perceptions of brands and their intentions. 

Not only do we have to consider if companies are doing enough to keep our data safe, but we must also consider if our data is being respected and kept private by brands we’re meant to trust. However, privacy requirements and regulations around the globe are rarely one-size-fits-all and can even be conflicting at times. These discrepancies require customizable solutions to help customers address their compliance needs and obligations around the world.

Avaya Experience Platform™: Innovation without disruption to data security, privacy, or compliance

Enterprise organizations need a comprehensive cloud solution that enables them to innovate with flexibility by integrating new technologies like AI, automation, and self-service – regardless of whether they’re on-prem, fully cloud, or hybrid – all while ensuring customer data is completely protected and secure. When designing new solutions for customers, Avaya always prioritizes data privacy from the get-go and has implemented a variety of features in the customer experience platform, Avaya Experience Platform™, to enable customers to operate in compliance with the applicable privacy legislation and standards. These features and other relevant information on Privacy and Security are described in the Avaya Experience Platform Privacy Fact Sheet. Furthermore, Avaya fulfills all legal requirements under Europe’s GDPR and other privacy legislation, to give customers the necessary contractual rights to remain in control of the personal data entrusted to Avaya for processing. 

Binding corporate rules

GDPR has become the blueprint of modern privacy laws, which is why Avaya bases its entire global privacy program on the principles, standards, and practices established by GDPR as set out in Avaya’s Global Privacy Policy.

This strong commitment to Privacy and Data Protection is also reflected in Avaya’s Binding Corporate Rules for Processors and Controllers (BCR), which the European Data Protection authorities approved for Avaya in 2018, and which are commonly accepted as the gold standard of data protection.

Beyond their function to safeguard international transfers of personal data from Europe within the Avaya group, the Avaya BCR has a much wider scope and provides a high level of European data protection for all personal data entrusted to Avaya around the globe.

The largest ecosystem of Tech Partners, including leading security vendors 

Consider pioneering cybersecurity software company Journey: the company is dedicated to enabling businesses to create trusted digital relationships with their customers using an award-winning approach to digital identity verification. Journey and Avaya can revolutionize your customer experience, security posture, regulatory compliance, and most of your KPIs with capabilities available in cloud, on-premises, and hybrid cloud environments. 

Key features include:

• Continuous authentication for agents: Enable biometric login for agents to easily and securely ensure that internal and outsourced agents are who they say they are and are on their screen. 
• Continuous authentication for customers: Leverage built-in biometric sensors to instantly authenticate customers’ identity when connecting to the contact center while remaining 100% compliant with security and privacy regulations. 
• Zero-knowledge capabilities: Enable agents to see the results that matter to them (ex: whether a payment went through, or a document was signed) without needing to see or hear a customer’s personal, identifiable, financial, health, or other sensitive information. 

As technology continues to advance and regulations around security and data privacy continue to evolve, it is imperative that enterprises leverage solutions that are flexible and adaptable to the changing regulatory landscape and prioritize the safekeeping of customer data. Avaya continues to innovate its solutions portfolio to encourage flexibility and empower its customers to choose their journey through on-prem, public or private cloud, and hybrid deployment models that best meet their needs.

Learn more about how Avaya enables organizations to drive innovation while meeting business-critical mandates with communications that are secure, compliant, and accredited by major regulatory bodies.