Security is more than Smart Tech

Are Your Customers’ Details as Safe as You Thought?

You probably assume that Amazon — the world’s second-largest online retailer — has security as impenetrable as the FBI’s. As much as a big brother Amazon seems at times — like when they suggest products we really do want — we seem to feel pretty safe with all of the personal and financial information they know about us. But the larger-than-life e-commerce site may not be as tough to crack as we once thought. CIOs are so often hyper-focused on their tech security, but it may be time to take a good, hard look at customer service risk to make sure clients aren’t being targeted.

Amazon’s Not-So-Foolproof Backdoor

In a new post on Medium, an Amazon user put the retailer’s customer service backdoor to the test. After receiving several e-mail updates alerting him of recent customer service interactions — which clearly were not performed by him — the user discovered that Amazon’s chat service had given out his address and phone number to someone posing as him, presumably looking to steal his credit card information. Crazy, right?

When he reached out to the company to request tighter security measures on his personal information, he pretty much got nowhere fast. The user decided to remove his real address from his account and then, after yet another breach, closed it for good. So if Amazon has holes in its security plan leading to lost customers, the rest of us could, too.

Different Flavors of Hacking

When most of us think about hacking, we think about gaps in our technology, not loopholes in our processes. Even though security is a growing department at many companies, this often falls under the CIO’s responsibility. While creating customer service processes to improve security may initially seem far outside the role, technologists (as most CIOs and teams are) have a unique ability to think through many scenarios to create comprehensive solutions. We think that skill could be greatly beneficial to avoid an incomplete customer service security process.


Originally published at prototype1.io on February 17, 2016.