Whitepaper: data security – a marketer’s guide to keeping your data safe

In this article, Simon Bowker, managing director of eCircle UK details the importance of implementing consumer data protection and provides tips on how to do so. Subscribers can download a copy of eCircle's whitepaper “A Marketer’s Guide to Keeping Your Data Safe”, which provides additional information on data security and crisis management.

Data is an essential part of the modern marketers’ toolkit, but it can be challenging to manage and protect. The security and privacy of customer data should therefore be a top priority for every single company that is active online and storing business data. This applies to all forms of marketing, but email can be especially vulnerable as many businesses use sophisticated segmentation and targeting campaigns that involve keeping a lot of data on file.As email remains the preferred communication channel for most consumers, it is vital marketers take the necessary steps required to protect their data, or face the very real – and potentially extremely damaging – risks. Brands may understand that trust is at the heart of every email programme, but in order to establish trust with consumers, they need to make sure that their customers’ data is protected. Underestimating the importance of data security could put your business at risk and pose a serious threat to your brand’s reputation. One of the simplest and most direct ways to deal with this is by educating your employees and colleagues about phishing scams, security breaches and risks, as well as how to prevent the spread of viruses. These days, companies have access to more personal customer data than ever before, so it is vital everyone in your company takes it seriously. Having a robust data policy in place will greatly add to the level of trust your customer is willing to place in your hands. By specifying policies and controls to all staff regarding what can be stored on user desktops/laptops/PCs and ensuring that all internal departments are aware of the policies so they can be enforced, will help to keep your organisation protected. As well as reviewing internal processes, business must be aware of the policies and security measures of any third party systems and vendors. A good ESP will also be able to provide you with a full email audit when you begin working with them. This should include reviewing your database and ways to update and improve it, as well as a security check to ensure all systems have the necessary security protection measures in place. If you’re outsourcing your email marketing to a third party, you should invite your IT teams to meet with the ESP. Responsibility for data security should clearly defined between your organisation and a third party supplier. It is also vital to understand Personal Identifiable Information (PII) and how it affects email. PII refers to information that can be used to uniquely identify, contact or locate a single person or can be used with other sources to uniquely identify a single individual. Many brands will affirm how seriously they take PII when discussing their protection of their customer’s PII. However, many make the mistake of assuming that PII just covers personal information such as name, gender etc. An email address is also considered to be PII and therefore needs to be equally protected as much as possible. Another common mistake many companies make is transferring data files via email attachment. You should only ever send files via an SFTP (Secure File Transfer Program). This will ensure its safety and integrity is kept intact, unlike standard FTP, which encrypts both commands and data, preventing passwords and sensitive information from being transmitted across the network. Having a data security strategy in place offers your staff, stakeholders and most importantly your customers, peace of mind. A carefully considered Crisis Management Plan or Business Continuity Plan (BCP) will help you cope more easily in a potential crisis, enabling you to minimise disruption to your business and most importantly your customers. Ensure you put your plan in place, and that it’s reviewed and tested on a regular basis. The policy should cover management commitment to information security within your organisation, and who is responsible for implementing the policy. This allows your business to react quickly and effectively to a data security incident. In the unfortunate event that your data is compromised (e.g. corruption, phishing attacks, fire damage etc), a good plan and reliable on-call response team can greatly help to reduce the damage caused by a breach. Brands that are the quickest to adopt new standards and regulations are able to show greater transparency and benefit from greater trust from their customers. Organisations must ensure the best data protection processes are embedded in their business and that staff are kept up to date with the latest security issues and procedures to tackle them. To be blunt, any organisation is a potential victim and in a society where instant communication is what we’ve come to expect, it’s easy to take email for granted, but there is absolutely no excuse when it comes to data security. For additional advice and tips on how to keep your data safe click below to read the full whitepaper – “A marketers guide to keeping your data safe” – including some top tips to consider when creating your data security policy and crisis management plan. Keyboard image via Shutterstock