As a TPI, you know that securing your data is extremely important. From a GDPR point of view, this is obviously crucial but, in many ways, your data is your most valuable asset. It is your Intellectual Property and is what separates you from the rest of the pack. It should be your first and last crusade to keep it safe.
It’s more than likely that you are using a CRM system to manage the bulk of your data. These systems take on additional responsibility in the sense that they store all of your core business information, from customer data to financials.
For CRM systems, it is imperative that they have the necessary security measures in place to ensure that your data is well protected.
In this article we look at the main security requirements that should come as standard when choosing a CRM system you can trust:
When using a CRM, your data is entered through a front-end web app and then stored in a database. If this is a cloud-based application, a provider outside of the company managing your CRM system will host the environments that the data is held within.
It’s important that a credible provider is used for hosting so that the suitable security protocols are in place. Providers such as Microsoft and Amazon are good bets.
Single Tenant Database:
If you are using a CRM system, it’s a certainty that lots of other companies are too. If your data is stored on a database, you ideally want your data separated from other companies.
If it isn’t, then if you ever need your data rolled back, the CRM provider may not be able to do this as they would have to roll back all data within that database, affecting other companies. Also, it increases the chance of cross-contamination of data (your data appearing somewhere where it shouldn’t). Single Tenant Databases give you peace of mind that your data is stored on its own independent database.
Encryption At All Levels:
Unfortunately there are hackers in the technology world who attempt to gain access illegally to system databases. Encryption is in place to ensure that, if this were to happen, your data is unreadable.
Secure Socket Layer (SSL) should be set against the web app you are using to protect your data against unlawful visitors. The data stored in the database should also be encrypted (at-rest) and the data should also be encrypted when it moves from the database to the web-app (in-transit).
Hackers or an untrustworthy employee may try to log into the system by using your username or email address and trying to guess your password. Hackers use something called Credential Stuffing, where they’ll use automation to guess your password multiple times.
The best way to protect your business from these types of behaviours is to put a limit on the number of times a password can be guessed incorrectly before your account is locked out. 3 opportunities tends to be the industry standard.
It may be frustrating for your team if they are continuously getting locked out but this is much preferred to your data being vulnerable to attack.
One of the great benefits of cloud-based applications is that they can be used anytime, anywhere. However, it may be that you don’t want your team using the system at home. There may be no need for them to do this.
Where this is the case IP Filtering can help to ensure that only a pre-selected list of IP addresses can gain access to the system outside of your office location. For example, just your management team.
Our UtilityClick system has been built from the ground up with security in mind. We have invested heavily in our system to ensure that industry standard technologies are used to protect your data.
In brief with UtilityClick you have:
- Microsoft applications being utilised for optimum data protection.
- An isolated database so your data is stored separately from other TPI data.
- Data encryption applied at all levels to ensure that your data is only readable by our Software.
- Account lock-out where multiple unsuccessful password submissions are made.
- IP Filtering to provide flexibility on who can use the system outside of your office location.
If you would like to see a demo of our system and understand more on how your data is protected within our Pricing CRM system, feel free to get in touch and we’d be happy to show you around