How to Respect Your Data Driven Marketing Customers’ Privacy
In data driven marketing, everyone is concerned to some extent about keeping their personal data personal. Identity theft is a potential nightmare lurking out there for all of us. You wouldn’t think of storing your credit cards, social security card, birth certificate, or passport in the glove box of an unlocked car; you keep them safely locked away.
Beyond your concerns about being fleeced by an identity thief, there are many things you simply don’t care to share with the world. You don’t publish your bank or investment records. You don’t post your medical records on social media sites. Simply put, you value your privacy.
Your customers feel the same way that you do about their personal data. It’s your responsibility to be your customer’s advocate with respect to these concerns. You should treat your customer’s personal data with the same respect that you treat your own.
How to protect customer information in data driven marketing
Your customer data is a valuable corporate asset. You need to make sure that security measures are in place to protect that asset. Doing so is to some extent a technical exercise. But hacking into your computers system isn’t the only, or even the most common, way for security to be breached.
In part, data security means ensuring that technical measures are in place to prevent your customer data from unauthorized access. Your IT department will help a great deal in this effort. Network security, database encryption, and robust password standards are all necessary tools in the effort to safeguard data.
For starters, you need to store your data on secure servers that can only be accessed by authorized users. That access needs to be restricted using the full breadth of your network security system. Passwords need to meet security standards. An employee shouldn’t be able to use their dog’s name as a password, for example.
Your database itself needs to be password-protected as well. Virtually all database management systems offer the ability to do this. They also offer the ability to restrict access to individual variables in the database. This extra level of restriction should be considered for particularly sensitive information like credit-card numbers or social security numbers as well as names and addresses.
Beyond restricting access to sensitive personal data about individual customers, you should encrypt this data. Even if the data is somehow downloaded, encryption gives you another level of protection against the data being misused. Encrypting this sensitive information is not generally a problem for your analysis efforts. Beyond zip codes, you aren’t going to be using addresses and credit-card numbers in your analysis and reporting efforts.
You also need to encrypt any data that you share with your marketing service providers. You’ll need to send lists to your mail service providers, for example. Whether you’re overnighting them on a CD-ROM or sending them electronically, they need to be encrypted. Vendors will typically have secure file transfer infrastructure already set up.
It’s generally not a good idea to send sensitive customer data, encrypted or not, via e-mail. It’s far too easy for e-mails to be intercepted or inadvertently forwarded. Using e-mail limits your security to a single layer of encryption, which can be more easily broken than the multiple layers provided by your servers and your secure file transfer channel on top of the file encryption.
Security is more than encryption in data driven marketing
It is becoming increasingly common for advanced computer security systems to be thwarted by decidedly unsophisticated means. A laptop is left in the backseat of an unlocked car while the owner picks up their dry cleaning. A memory stick is left in the break room. A printout of passwords is thrown in the trash bin. All these situations provide an opening for opportunistic criminals.
You have a responsibility to protect your customers’ data. This means ensuring that security measures are in place in your organization. It also means being careful about what you say and do outside the office. Given the effectiveness of data security measures, sometimes the easiest way for someone to “hack” your system is to steal a laptop from your car in the grocery store parking lot.
As a general rule, you should not keep sensitive customer data on mobile drives or laptop computers that you carry around. You shouldn’t share passwords. You even need to be careful about who is roaming around your office. Good old fashioned con games can be the biggest threat to your data security.