9 customer journey mapping tools that can improve your CX customer satisfaction (CSAT)
X
Tip

How to fit customer experience security into your strategy

Most organizations overlook security in their CX strategies. However, with collaboration, personalization, CIAM controls and more, organizations can offer a secure and positive CX.

Although organizations claim to prioritize customer needs, many fail to incorporate security into their CX strategies.

Organizations should focus on security in all customer interaction channels as customer expectations and digital threats continue to evolve. To balance CX and security, CX leaders can encourage interdepartmental cooperation, develop attacker journey maps, personalize customer identity and access management (CIAM) controls and more.

Why incorporate security into customer experience?

As explained below, the proliferation of digital channels has led to increased cyber attacks. And while customers want increased convenience, they’re unwilling to sacrifice their security for it.

  • Convenience. The myth that convenience comes at the cost of security has led to a siloed approach to enterprise security. Time-consuming authentication processes can create bad website experiences that turn customers away. Yet, cyber attacks can do more damage to CX than a bad web experience, so many organizations sacrifice smooth CX for security. Instead, they should balance security and the customer journey with seamless, sensible and consistent security measures for critical services and systems.
  • Protection. In addition to convenience, customers expect security by design. People want frictionless experiences across authentications, logins and cross-channel interactions without compromising security. A growing list of privacy laws reflects customer demands for more privacy options -- including the ability to opt out, refuse cookie trackers and request data expungement.
  • Cyber attacks. As digital channels widen the CX domain, the potential for cyberthreats such as account takeovers, fraud, phishing and ransomware increases. The pandemic also accelerated these trends, as remote work measures prompted organizations to expand their digital channels. Additionally, customers spend far more time online now than before the pandemic, which opens the door for more cyber attacks.

5 steps to integrate customer experience security

To integrate security into a CX strategy, organizations should embrace collaboration, personalize security controls, identify attack vectors and more.

1. Start with culture

Organizations should encourage a culture of collaboration between security teams and other departments such as IT, product, customer service and marketing teams. Every department plays a role in customer experience security and should all be trained accordingly.

2. Align security with the customer journey

CX leaders have a clear sense of how different customer segments or personas engage with their organizations. CX teams use research, maps, tables, A/B testing and analytics to determine types of customer personas and their preferences, common paths and touchpoints throughout the customer journey.

Organizations should tailor their security measures to specific personas and specific phases of the customer journey. Just as customers differ in their preferences, in each journey phase they can differ in awareness, pain points and requirements related to security, privacy, data and device governance.

Journey phase Questions to ask Common CIAM functions
Awareness How do different personas manage common digital security actions such as password tracking, registration and mobile authentication?
  • Secure credentials
Consideration

As prospects evaluate services, what levels of education and support, such as Q&As and customer service, could create trust?

How can account registration and onboarding engage users around security?

  • Secure credentials
  • Account login
  • Account and device registration
  • Account security and privacy customization
Decision

How can CX teams enable seamless and secure web experiences when customers make an account with an organization?

What interfaces, such as account and password settings, can enhance UX and maintain security?

  • Account login
  • Password reset and recall
  • Multifactor authentication
  • Device recognition
  • Identity proofing
  • Fraud detection
  • Data privacy and compliance
Service and retention

Will different personas require different security configurations, such as session lockout duration?

How can touchpoints that promote customer flexibility -- such as logins, portal access, customization and bill payment -- improve security?

What is the plan for when a breach occurs?

  • Reauthentication
  • Account security and privacy customization
  • Password reset and recall
  • Anomaly detection
  • Automatic lockouts
  • Session policies
Advocacy

What ideas or new policies for security enhancement can organizations use to incentivize customers?

How can organizations design secure account termination processes based on personas?

  • Account management
  • Account reactivation
  • Account deactivation
  • Account termination
  • Deprovisioning
  • Data privacy and compliance

3. Develop attacker journey maps

As organizations integrate security into CX strategies, they should create attacker journey maps. These offer a view of all potential attack vectors, such as phishing and malware. Attacker journey maps, along with tools like vulnerability scanning software, can help organizations find systems' weak points.

Cybersecurity groups, such as the SANS Institute, offer research and training to help organizations identify areas that need stronger security controls, such as reauthentication, mobile device management and timeout and logout functions.

4. Apply CIAM controls to high-risk areas

If organizations assess weaknesses and security requirements across customer and attacker journeys, they can find where and how to apply CIAM controls. Organizations often start with their most critical attack vectors, then apply CIAM functions such as multifactor authentication, identity proofing and anti-fraud verification to secure vulnerable areas.

Ultimately, modern CX should meet -- and protect -- customers where they are.

Organizations should tailor CIAM functions to specific attack vectors. For instance, to protect against compromised credentials, organizations may implement stricter password policies and two-factor authentication. To prevent encryption weaknesses, on the other hand, organizations can craft policies that enforce encryption in flight and at rest.

5. Define and maintain governance policies

Organizations need governance, risk management and compliance to keep up with evolving security and CX landscapes. Research, attacker journey maps and CIAM controls can help organizations integrate security into CX, but they aren't one-and-done solutions. Business leaders must repeat and update their security and CX strategies as customer preferences, digital channels and attack vectors evolve. They should also develop metrics for success and engage with partners and stakeholders to share and learn from best practices.

Ultimately, modern CX should meet -- and protect -- customers where they are.

Next Steps

How to create a customer journey map -- with template

Dig Deeper on Customer data management