Enterprises are increasingly operating in a dynamically changing and fluid environment. They are constantly changing gears just to keep pace. CXOs are constantly looking for ways to overcome or create disruptions in a world becoming increasingly complex. Infosys Consulting Blog gathers a community of subject matter experts who are driving pragmatic conversations around that which is changing and that which needs to be rethought, redefined and redesigned for enterprises to achieve market-leading performance roadmaps.

« April 2013 | Main | June 2013 »

May 2, 2013

Social CRM Tech Trends -Twitter and Data Security


The recent news about the hacking of the Associated Press's (AP) Twitter account has once again highlighted the topic of social media and data security. When a reputed organization like the AP is hacked and misinformation spreads via their Twitter channel, it is natural for IT managers to be concerned, especially when internal customer relationship management (CRM) applications, such as Salesforce, interact with public social media.


There are a couple of methods for Salesforce to connect with Twitter:


1. The "Social Accounts, Contacts, and Leads" feature within Salesforce.


2. The "Salesforce for Twitter and Facebook" app downloadable from the Salesforce AppExchange.


In this blog I will focus on the first method. The "Social Accounts, Contacts, and Leads" feature is useful when sales persons seek an additional avenue to better understand and serve their customers' needs. They are able to see the public Twitter profile of customers from within Salesforce. The sales persons can log into their own Twitter account from within Salesforce and then connect their Salesforce and Twitter accounts. Then they can associate a customer's Twitter profile with the corresponding record within Salesforce.


Does this feature pose a potential threat to the security of the customers' information? Not necessarily. First, the Salesforce - Twitter connection is a one-way application programming interface, making it unlikely, if not impossible for someone to use Twitter to access customer data on Salesforce from the outside.


Second, Salesforce does not store Twitter data, nor does it post updates to Twitter, which rules out the possibility of an AP-like incident where hackers used Twitter to spread misinformation.


Finally, this is safe from a user credentials sharing perspective as well. Based on the OAuth protocol, this feature enables Salesforce users to access information on Twitter without having to share the Twitter password with Salesforce.


Therefore, I believe that the "Social Accounts, Contacts, and Leads" feature is secure and allows Salesforce users to safely view their customers' Twitter profiles.


What are you concerns about data security when using social media for CRM? What safety mechanisms would you like to see that can prevent hackers from accessing your customers' information?