Author(s) | Collection number | Pages |
---|---|---|
Hileta I. V., Кіселик Р. О., Карнаухов В. А., Коминар Т. Н. | № 1 (70) | 72-82 |
The article presents a methodological approach to developing and using criteria for assessing the performance of CRM systems, based on a combination of strategic and operational indicators. The study addresses the lack of a unified set of indicators and of an integrated evaluation model that accounts for both quantitative and qualitative aspects of CRM functioning. To that end, the work forms a system of performance criteria that provides an objective and adaptive assessment of the effectiveness of CRM technologies in various business contexts. The methodological basis of the study is content analysis of the literature, expert surveys and multi-criteria evaluation methods. A procedure for weighting the criteria is proposed, which makes it possible to synthesize an integral performance indicator. This makes it possible to compare different CRM systems and to promptly identify weaknesses and reserves for further improvement.
To reduce the risk of attacks such as lateral movement when one of the microservices is compromised, it is proposed to implement inter-service communication using mTLS and to configure database access policies according to the least privilege principle with role-based restrictions, i.e. each role is granted only the privileges that are essential for the functions it performs. All database requests should go through logging wrappers that send events to the central SIEM system, where they are analyzed for anomalies. This makes it possible not only to track incidents but also to build behavioral profiles, on the basis of which the access level can be dynamically reassigned. The importance of insider threats involving authorized users is noted, which requires imposing additional session restrictions.
The scientific novelty of the work lies in the proposal, made for the first time, to combine ML-oriented analysis of SIEM telemetry with real-time dynamic adjustment of RLS policies, which implements the AdaptiveDatabaseSecurity concept. The practical value of the research lies in the construction of a replicable methodology for implementing multi-level protection, suitable for cloud and on-premise CRM installations, which is confirmed by laboratory experiments.
The results of experimental testing indicate the practical relevance and versatility of the developed approach. Applying the methodology makes it possible to optimize resources, increase the accuracy of management decision-making and stimulate the development of a customer-oriented strategy for enterprises. Further research can be aimed at automating the assessment process, integrating with intelligent systems and expanding the methodological base.
Keywords: CRM system, database protection, RBAC/ABAC, Transparent Data Encryption, row-level security, Zero Trust, STRIDE, MITRE ATT&CK, SIEM, CVSS risk assessment.
doi: 10.32403/1998-6912-2025-1-70-60-71
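
An added illustration of the logging-wrapper idea described in the abstract (not code from the article): every database request is checked against a per-role grant list, logged as a JSON event, and a session that reads too many rows has its access lowered. The role names, the row threshold, SQLite standing in for the CRM database, the in-memory list standing in for the SIEM, and the fixed volume rule standing in for the article's ML analysis are all assumptions.

```python
import json, sqlite3, time

# Assumed role -> permitted (operation, table) pairs: least privilege per role.
ROLE_GRANTS = {"sales_agent": {("SELECT", "customers")},
               "crm_admin": {("SELECT", "customers"), ("UPDATE", "customers")}}
ROW_LIMIT = 3  # constructed threshold: rows a session may read before restriction


class LoggedDB:
    """Wraps a connection so every request is authorized, executed and logged."""
    def __init__(self, conn, siem_sink):
        self.conn, self.sink = conn, siem_sink
        self.rows_read = {}      # session id -> rows returned so far
        self.restricted = set()  # sessions whose access level was lowered

    def _emit(self, **event):
        # Stand-in for a SIEM forwarder: one JSON document per event.
        self.sink.append(json.dumps({"ts": time.time(), **event}))

    def query(self, session, role, op, table, sql, params=()):
        # op/table are declared by the caller; database-side grants and RLS
        # remain the real enforcement point, this layer adds checks and telemetry.
        allowed = (op, table) in ROLE_GRANTS.get(role, set())
        if not allowed or session in self.restricted:
            self._emit(session=session, role=role, op=op, table=table, outcome="denied")
            raise PermissionError(f"{role} may not {op} {table} in session {session}")
        rows = self.conn.execute(sql, params).fetchall()
        total = self.rows_read[session] = self.rows_read.get(session, 0) + len(rows)
        self._emit(session=session, role=role, op=op, table=table,
                   rows=len(rows), outcome="ok")
        if total > ROW_LIMIT:  # simple volume rule in place of ML-based analysis
            self.restricted.add(session)
            self._emit(session=session, role=role, outcome="access_lowered")
        return rows


def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER, name TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?, ?)",
                     [(i, f"customer-{i}") for i in range(5)])  # constructed rows
    db = LoggedDB(conn, [])
    read = lambda sql: db.query("s1", "sales_agent", "SELECT", "customers", sql)
    read("SELECT * FROM customers LIMIT 2")  # normal lookup: 2 rows
    read("SELECT * FROM customers")          # bulk read: 7 rows in total
    try:
        read("SELECT * FROM customers LIMIT 1")  # session is now restricted
    except PermissionError:
        pass
    return [json.loads(e)["outcome"] for e in db.sink]
```

`demo()` returns the outcome of each logged event in order, showing the bulk read being served, then the session being restricted, then the next request being denied.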