The Oracle Australia and New Zealand Middleware and Technology Blog.

Monday, July 14, 2008

Customer Service

I was in Canberra last week to attend a Governance, Risk and Compliance workshop - interesting stuff I know and little to do with customer service so I will get on with it.

Without a doubt I experienced my most disappointing stay in a hotel, and I have stayed in a lot of hotels across. It was zero degrees outside so I decided to order room service at approx 6:30 and was told it would be in my room within 45mins. No problem until 1 hour later i realised stomach growling that my dinner wasn't in the room. A polite call from the kitchen then informed me that it would be 10mins. I appreciated the call however 20 mins after that call hunger pains had grown and the mini bar chips look appealing. I tried room service but couldn't get through so i called reception. The gentleman on the phone kindly informed me that the kitchen was busy and my meal would come. This wasn't reassuring in any way and I requested he contact the kitchen and follow up on my meal. He didn't want to follow up what i thought was a reasonable request so then I demanded he follow up. I was informed that I could receive a call back straightaway. Unless Canberra runs on a different time (which I probably does) I waited about an additional 20 mins. Once My Name Is Earl finished I realised it was 8:30 and I had enough so I rugged up and left my room informing the reception on the way out that I won’t be needing my meal if it was even getting prepared. On top of this my wireless internet didn't work in the morning and the reception with the same 101 of how not to treat a customer stated it often doesn't work and you need to ring the carrier. I found this unacceptable since the hotel offered to empathy and simply handed the problem back to me. So when i checked out i politely told the duty manager that the hotel needs to review its customer service and that i would refrain from staying at this hotel chain ever again. It’s poor when a hotel targeting business can't feed you and can't provide broadband to get email or check my facebook page :-).

So what’s this got to do with IT, let alone anything else? Well the next morning at a very informative workshop on Governance, Risk and Compliance - (don’t yawn) the issue of customers came up time and time again. I gained some interesting insight into what we as IT solution providers need to look at and how we are slowing adoption of these technologies due to poor execution especially around the end customer. Take for instance Identity Management or IDM. IDM has tremendous benefits for an organisation, and most security vendors can rattle of numerous reasons why an enterprise needs to lock down data, lock down access ect. But what we fail to tell you is that by doing this - i.e. locking down access, providing single sign on or reduced sign on we are reducing the risk for the enterprise no doubt but we are in fact pushing more risk for no reward to the customer of that enterprise. For instance take Internet banking, we all do it and the banks encourage us to do this. It’s relatively simple and thanks to the EFT legislation the banks assume the risk if something goes wrong. However what happens if Grandma Simpson (real name changed to protect the identity) isn't aware she has a key logger on her PC, and the bank can prove through negligence that she is at fault for the fraudulent transactions. I am not stating today this scenario would occur but it could in the future. Where you may be responsible for ensuring your connection, identity, access control and data is secure and encrypted. This would of course benefit the banks but not you since the onus would be on you to keep everything up to data and functioning. What this means is that when we are talking to an Enterprise about security, yes it’s important to mitigate risk but we need to look at if we have simply shifted the risk profile. If so what benefit does the consumer get if they are assuming the risks? The benefit could be better portability of information or maybe reduced fees.

The other interesting topic covered involved those clever Swedes. In this Nordic world most enterprises are adopting technology that mirrors banking security and banking access methods. Most of us leverage these technologies and are familiar with how to use their multifactor authentication, so why not adopt these same or similar technologies so you can have the same look and feel for access to all social, business and government sites that exists. It without doubt adds to the customer satisfaction. And again is food for thought when designing complex multifactor login systems to look at what already exists, is familiar.

If only i could get that hotel I won’t name to look at customer service.

Thank you for listening to my rant.
Carl Terrantroy

1 comment:

jacksmith said...

I would also like you to inform about some more about IT Governance and Compliance
IT governance, risk and compliance (IT GRC) is about striking an appropriate balance between business reward and risk. The maturity of IT GRC practices for managing reward and risk has a direct impact on the organization. IT GRC encompasses the practices for delivering: Greater business value from IT strategy, investment and alignment, Significantly reduced business and financial risk from the use of IT, and Conformance with policies of the organization and its external legal and regulatory compliance mandates. IT GRC energizes the entire organization to imagine what it can achieve, establishes methods for achieving their objectives, and demonstrates the practices that are proven to work for minimizing business and financial risk. Fundamentally, IT GRC is about striking an appropriate balance between business reward and risk, enabling an organization to more effectively anticipate and manage business risk while more effectively delivering value for the organization. IT governance, risk, compliance, IT GRC, White paper, compliance survey report, 2008 compliance report. You can also get more information from