Client portal software has become a cornerstone of customer experience for many UK companies. They’re useful in many ways, allowing for customer self-service and allowing customers to access company information and get answers without the need to involve human support staff. They’re a powerful time-saver for both support teams and site visitors.
But it’s also important to remember that client portals contain those same customers’ sensitive personal information — and not all companies take the necessary security precautions.
The recent numbers from a UK government study are nothing short of alarming: Over half of UK businesses and about a third of charity organisations have experienced some sort of security breach in the last year. Medium and large businesses tend to suffer even worse. The most common type of breach comes from phishing or impersonation schemes.
The average data or security breach for a business or charity amounts to £1,205, but for larger businesses, it can easily be ten times that. The greater cost comes with the loss of reputation and trust that comes along with a security breach.
So how secure is YOUR client portal, and what steps can you take to make it more secure?
Why It’s Critical to Keep Customer Information Safe
First, let’s talk a little more about why it’s vital you keep your customer’s personally identifiable information (PII) safe.
As previously mentioned, the biggest issue is customer trust. When a customer gives you their personal information — such as phone number, email, address, or their credit card number — they need to know that information is being handled with care. If they feel their data hasn’t been properly safeguarded — as in the case of a data breach — they may choose to go do business with your competitor.
In addition, there are laws and regulations governing the protection of user data, not to mention the potential lawsuits and social media fallout that could result fro a data breach. Taking a cavalier attitude toward data security could cost you a great deal in the long run.
How to Create a Secure Client Portal
Now let’s delve into some steps you can take to employ better security hygiene and build a better, more secure, client portal.
- Use a centralised system. As anyone with knowledge of data security can tell you, multiple entry points make any system more vulnerable in terms of security. This is why having an all-in-one solution such as prebuilt client portal software (see below) can be a great choice.
- Use a private or on-site system. Speaking of multiple entry points — using an offsite or shared cloud solution might be appealing from a cost perspective, but it can be a much larger security risk. If you have the physical space and the budget for it, consider having your client portal hosted on-site, or at least on a private cloud system with good security features.
- Limit administrative access. A common mistake many business owners make is giving too many employees “the keys.” Every additional person you give administrative access to is another potential vector for phishing scams, impersonation schemes, or other security threats. Restrict administrative access to only the most necessary personnel, and make sure they’re trained in security hygiene.
- Embed strong security protocols. This means things such as data encryption, secure socket layer (SSL) or transport layer security (TSL) protocols, multi-factor authentication, and secure single sign-on.
- Adhere to compliance regulations. It’s of vital importance to make sure you’re in line with GDPR regulations and ISO certification requirements if you want to have the best security possible.
- Update regularly. Software gets out of date quickly, and new threats emerge every day in the form of discovered vulnerabilities or bugs. That’s why it’s important you update your software regularly and often in order to have the latest security patches.
- Perform regular audits. Is your portal as secure as you think? Do regular audits and penetration testing to make certain.
Purchase or Build Your Own?
If you’re looking to revamp your existing client portal — or if you don’t yet have one — you might be wondering whether it’s more effective to purchase an existing client portal software package, or develop your own via freelancers or in-house?
While there’s no doubt much more flexibility and customisability if you have your own bespoke customer portal, it may not be cost-effective for the results you get. There is already a wide array of client portal software available on the market, offering powerful security and ease of installation. Most client portal software also offers a variety of customisation features, approaching or equal to what you might get with a custom developer.
Whichever path you choose to take, it’s important to put the safety and security of the customer first — your reputation, and your bottom line, will thank you in the end.
David Prior
David Prior is the editor of Today News, responsible for the overall editorial strategy. He is an NCTJ-qualified journalist with over 20 years’ experience, and is also editor of the award-winning hyperlocal news title Altrincham Today. His LinkedIn profile is here.
