Retailers are creating and collecting more and more information through online interactions with customers, but less than half are protecting it with appropriate security technology and policies.
According to research by IDC Retail Insights, only 46% of retailers in the EMEA region have technology and policies in place to deal with interactions such as those on blogs or social networks.
Retailers are harnessing mobile technology and social media as ways of engaging with customers, running promotions and even completing transactions. Linking these technologies and platforms to back-end systems such as CRM software is important if retailers are to benefit from the information generated by interactions, as is securing the information collected and the interactions.
Retailers must strengthen security
But IDC's research found the awareness of appropriate security policies and best practices among retailers in EMEA is poor.
"Where policies and strategies are in place, there is often a wide gap between good intentions and operational execution and implementation. It is encouraging to see that retailers are at least starting to align security investment with the needs of the business. However, there is still much work to be done as many organisations appear to lack basic monitoring of security events, their frequency, nature, or source. Retailers show little concern in terms of securing IT infrastructures despite the growing need to interact using mobile and social networking," said IDC.
The analyst company warns retailers to be better prepared to secure their infrastructures with the increased adoption of cloud computing, Web 2.0 technologies and mobile applications.
It says some retailers are considering outsourcing due to a lack of knowledge and resources needed to cope with the additional security requirements.
Cloud providers better at security
Cloud suppliers could provide the answer for some retailers, according to Christine Bardwell, EMEA research manager at IDC Retail Insights. "When compared with poor in-house security architecture, cloud providers are likely to be better at security owing to their ability to keep up with latest technologies, resource the best staff, and develop procedures and policies closely scrutinised by customers and regulatory authorities. Nevertheless, data security continues to move up the agenda in retail organisations as the fear of security threats grow more than ever."
IT service providers have added products and services to support corporate use of social media. Indian service provider Infosys, for example, has introduced a platform, known as iEngage, which supports the use of tools such as Twitter and Facebook in business.
Capgemini has introduced social media consulting as part of its digitalisation strategy.
Retailers were put under the spotlight in 2007 when the card details of 45.7 million customers of TK Maxx's US parent, TJX Companies, were stolen by hackers. The attackers reportedly began their assault on TJX by exploiting Wi-Fi weaknesses at a store.
- Read how furniture retailer Habitat got into trouble when it used social media to promote its products.