Protecting Consumer Data is Key to Brand Reputation Management

Your brand reputation — how people think or feel about your company — is among your most valuable assets. Organizations invest millions of dollars each year in brand and reputation management. And for good reason — 93% of U.S. executives believe nurturing consumer trust directly, positively impacts financial performance.1

Consumers play a significant role in a corporation’s brand reputation.

Consumers agree that trust is an important element in their relationships with corporations, and 90% say it is critical to their decision to buy or use a product or service. Opportunities for consumer engagement have grown exponentially with digital communication – and it’s not just paid advertising or social media. Consumers can freely share their opinions on a company and its products in forums, Google, Yelp, the Better Business Bureau and a host of other sites. All that’s required is a few keystrokes. Consider this:  

• Consumers read approximately 10 reviews before deciding whether a company is trustworthy.2
• Fifty-four percent of consumers trust reviews more than recommendations from friends or family.3
• Forty-nine percent of consumers exclusively buy from companies with a four-star or higher rating.4

Clearly, positive reviews are a significant driver when it comes to building consumer confidence in your brand. Consumers are not only seeking information about brands but are also willing to share feedback.

Corporations that engage in effective brand reputation management can heavily rely on word of mouth to drive sales. In fact, 58% of consumers are willing to pay a premium for products and services that receive high reviews.5

Given the importance of trust and high visibility consumer feedback, effective brand reputation management poses a critical question: How do you protect the relationship you’ve established with your customers? Positive customer experiences, quality products, reasonable pricing for value, regular communication and loyalty rewards are obvious answers. However, there is another key factor of growing concern to consumers — data security.

Consumers are increasingly concerned about how corporations manage their personal data.

Corporations generate an enormous amount of data, including locations and personally identifiable information that helps to customize a shopper’s experience. Consumers are keenly aware of the power and risk associated with their personal data. They understand that companies they buy from collect transactional data, as well as information on shopping preferences and habits. However, consumers prefer organizations collect data on a “need-to-know” basis and are increasingly concerned with what information companies track, collect and share, whether intentionally or not.

Mishandling consumer data can kill a company’s reputation. Consumers expect corporations to protect their data, with 83% citing data security as one of the most critical elements to earning their trust.6 When asked specifically about privacy, 80% sought assurances that their personal information won’t be shared.7

If a business’s data practices are unclear or inappropriately managed, consumers will vote with their wallets. Seventy-five percent said they will not purchase from organizations they don’t trust with their personal data.8

Corporations are responsible for safeguarding consumer data.

Corporations have a responsibility to responsibly collect and protect consumer data. Multiple federal regulations govern how businesses collect, share, store and protect consumer data, including:

• Gramm-Leach-Bliley Act
• Privacy Act of 1974
• Right to Privacy Act of 1978
• Fair Credit Reporting Act
• Federal Trade Commission Safeguards Rule
• Children’s Online Privacy Protection Act

States may also impose rules specifying how organizations should manage and protect consumer data, and there are global regulations as well.

• Payment Card Industry Data Security Standard (PCI DSS)
  All businesses that accept, process, store or transmit cardholder data must meet 12 requirements of the PCI DSS. Failure to comply can carry fines of $5,000 - $100,000 per month, as well as other fees and penalties.


• General Data Protection Regulation (GDPR)
  The EU-based GDPR governs how entities anywhere in the world collect and process the personal data of individuals living in affiliated countries. The law defines both the responsibilities of those collecting or handling data and the rights of those whose data is collected. The costs of maintaining GDPR compliance range from tens of thousands to millions, based on an organization’s size and data use.

In addition to their own data security obligations, corporations are responsible for vetting and monitoring third-party vendors to ensure they follow established federal, state and PCI DSS guidelines as well.

One of the most effective ways to strengthen your brand reputation is to respect your customers’ personal information. Establishing transparent communication regarding data practices and demonstrating a commitment to safeguarding personal information are integral steps in this process.

Proactively secure consumer data for enhanced brand reputation.

As digital transformation continues, protecting consumer data is essential to maintaining a good reputation. Corporations must implement security measures and training to safeguard sensitive information, as well as ensure transparent communication. These steps enable a thoughtful, effective response to data security threats.

1. Ensure network security.

   A strong security posture underscores data protection measures. Use firewalls, intrusion detection systems, and regular security updates to secure your network. Also, conduct regular vulnerability assessments and penetration testing to identify and address potential security weaknesses.

2. Collect only the data you need.

   Identify all the forms of consumer data you collect and how it's used. If you don't need it, stop collecting it. Also, be sure to clearly communicate processes for requests to remove or transfer consumer data.

3. Restrict internal access to data.

   In a recent survey, 40% of respondents reported their organizations’ data breaches stemmed from insider threats.9 Limit sensitive data access to authorized personnel only. Implement regular audits and access reviews to help maintain data security.

4. Practice “privacy by design.”

   Augment data security processes with features such as automatic timed logouts and strong password requirements. These practices demonstrate your commitment to safeguarding consumer privacy.

5. Educate employees.

   Employees are the first line of defense in protecting customer data. Be sure they know and follow your company's data privacy guidelines and processes. Host regular training sessions and updates on data security practices to reinforce the importance of data security.

6. Foster transparent communication.

   Consumers want to know when and why their data is being collected. Respond with clear communication that explains your data collection practices and policies. Transparency assures consumers that their personal information is managed responsibility.

7. Develop a crisis response plan.

   The time to plan a response to a data security incident is before it happens. Most regulations mandate that companies disclose breaches within a certain timeframe. So, be sure you have a written, actionable plan for mitigating the incident, as well as how you will promptly notify employees, customers and other stakeholders.

A proactive approach to data security showcases your commitment to protecting customer privacy and reinforces your brand's reputation for reliability and integrity.

Choose a partner with consumer data expertise and a proven track record.

The reward for securely managing consumers’ confidential information is trust and loyalty. So, it’s important to stay ahead of the latest threats and implement best-in-class data security measures.

As a trusted advisor to clients in multiple industries, Synovus can help your organization thoroughly assess risk and develop comprehensive security protocols to protect your customers’ data. For more information, complete a short interest form. A Synovus Treasury & Payment Solutions Consultant will contact you with details. You can also stop by one of our local branches.