To say that the pandemic accelerated the growth in online shopping, as more people chose to make purchases from the comforts of their home, is an understatement.
Digital interactions on a rise
As per a survey titled IBM Consumer Security Study – India Report, conducted by Morning Consult, on behalf of IBM Security, there was a considerable increase in digital interactions during the COVID-19 pandemic across retail, grocery, restaurant, and pharmacy segments.
The pandemic even pushed most Indians to embrace digital payments as cash was perceived as a potential carrier of the virus.
Not surprising then that, as per RBI, digital payments are expected to jump to 1.5 billion transactions a day in the next 4-5 years from 2.8 billion transactions a month in June this year.
This trend is here to stay, as most Indian respondents are likely to continue digital-first interactions because of the convenience it offers, and because of the continued fears of the 3rd wave.
Convenience over security
A worrying trend, however, eminent from the survey, is that Indians are choosing convenience over security. Picture this:
- 47% of the respondents said that they use the same credentials across online accounts.
- 49% said they store their online account information in their memory and 35% said they store it on a piece of paper.
“The onus of protecting customer data, as consumers remain casual, lies with the enterprise. We are seeing a lot of fintechs, e-commerce companies, and banks reach out to seek help for protecting their crown jewels – sensitive customer data,” says Tushar Haralkar, Security Software Technical Sales Leader, IBM Technology Sales, India-South Asia.
With convenience comes risk
As per IBM Security X-Force, incidents involving e-commerce threats have increased nearly 400% since 2018, globally. Additionally, the Morning Consult survey tells us that four in ten Indians would avoid using an online platform to shop or place an order over concerns over privacy.
Additionally, the Personal Data Protection Bill, which is currently being analysed by a JPC, could result in penalties of up to INR 15 crore for non-compliance with personal data requirements.
So, what does all this mean for businesses looking to increase their focus on online interactions?
To thrive and grow in this booming market, businesses need to build loyal customer relationships.
“The best relationships, as one would imagine, are built on trust. And trust takes years to build, seconds to break and forever to repair,” says Tushar.
Customers trust businesses with their data – all kinds of it, personal, demographic, and financial data. And businesses need to repay that trust by protecting this data and customer privacy.
However, with a recent string of breaches, customer trust is on shaky ground.
Zero trust to protect customer privacy
“The need of the hour is to create a stronger security posture and limit potential risk. Businesses must protect privacy across a growing number of digital touchpoints,” says Tushar.
But how do you do that?
To assure the greatest levels of security and protect customer privacy, businesses in India that are looking to increase their focus on online selling should consider adopting a ‘zero-trust’ approach.
Given that sensitive data is pervasive, interspersed throughout the organization, businesses need to consider implementing privacy measures that extend data protection across the entire enterprise.
A zero-trust approach to data privacy and security never assumes that any user, application, device, or process is trustworthy. Instead, it continuously evaluates whether someone or something should have access to sensitive data based on contextual information. This continuous verification relies on context so that every user, every device, every connection must prove a legitimate need.
In addition, data privacy regulations require clear and transparent user consent management. Many businesses lack the processes to effectively obtain and track consumer consent. Hence, it is important for personas like developers and privacy officers to have the ability to collaborate quicker and more accurately to embed requirements directly into applications while automating away unnecessary repetition. Adoption of zero trust approach enables that enterprise-wide collaboration.
To summarize, nothing is perhaps as important to an organization’s brand reputation as keeping its customer data private. Zero trust approach provides organizations with adaptive and continuous protection for users, data, and assets, plus the ability to manage threats proactively.
The practice of never trust and always verify aims to wrap security around every user, device, and connection for every single transaction, and in the process helps CISOs safeguard their crown jewel – sensitive customer data – against cyber threats, by making data access limited and conditional.
It can help organizations protect customer privacy with access controls that are based on least privilege, giving access to only those with a legitimate need and for the agreed-upon purpose.
“Zero trust is always on the job to proactively find and address a compromise quickly and effectively,” concludes Tushar.
To find more on the topic, click here