Best protect your data

Protecting your customer data from falling into the wrong hands should be at the top of every business’ agenda. Simon Bowker, UK managing director at eCircle provides tips on how to keep your primary asset safe

Data is an essential part of the modern marketers’ toolkit but it can also be challenging to manage and protect. The security and privacy of customer data should be a top priority for every single company that is active online and storing business data. Email can be particularly vulnerable as many businesses use sophisticated segmentation and targeting campaigns that involve keeping a lot of data on file.

It is critical that businesses take the necessary steps to protect their data, or face the very real and potentially extremely damaging consequences. Suppliers, agencies and brands must advocate best practice with a clear data policy and a well communicated data strategy in place. To protect your customer data, follow the best practice guidelines below.

1. Restrict access

Data is arguably one of the most valuable assets of a business, so it’s vital everyone in your company takes it seriously. In preparation for the worst case scenario, businesses and suppliers must ensure a strong and clear plan is in place to protect the data and ensure this plan is shared with staff. Ensure only staff members that need access to data have that privilege.  

Decide which staff members will take responsibility for data security in your organisation. A data security officer whose entire remit is to oversee this area is a wise investment for many companies. What are the implications of a breach to you and your customers? How will you engage staff so they understand the lengths people may go to get hold of your data and how can they prevent this?

If your data is jeopardised (e.g. corruption, phishing attacks, fire damage), a good plan and reliable on-call response team can greatly help to reduce the damage caused by a breach, allowing your business to react quickly.

2. Conduct regular audits

Brands that are quickest to adopt new standards and regulations are able to show more transparency and will benefit from greater trust from customers. Keeping at the forefront of technical developments in the industry, and regularly revisiting your systems and processes, will reassure your customers of your on-going investment in security.

Data security certifications – such as the ISO 27001 security management standard and the Direct Marketing Association’s DataSeal standard – allow data suppliers to demonstrate they have implemented appropriate information security measures, providing reassurance to businesses that their supplier will use the highest standard of best practice when dealing with its data. Suppliers must ensure their systems are subjected to regular external security tests.

As well as reviewing internal processes, businesses must also be aware of the policies and security measures of any third-party systems and vendors.

3. Have an escalation plan

The period after a security breach is absolutely time critical in terms of communicating with the authorities, businesses, regulators and protecting your reputation. Businesses must work quickly to identify the source of unwanted activity and contain it, in order to determine the full extent of a breach and prevent the incident from reoccurring.A clear crisis management programme, preparing for the worst case scenario and managed by your data security officer, will clarify the hierarchy of communications and give step-by-step directions on what needs to happen in these situations. When preparing your crisis management plan, remember to consider the wider impact and implications a breach may have and how this may affect your stakeholders. Understand who needs to know about the problem if a crisis occurs and have a clear idea how you want to do this. Effective communication to clients is essential to reassuring them that their data and vital information is safe – regardless of whether they have been affected by an attack or not. 

Don’t wait until after the attack has happened and rumours are circulating. Positive reassurance to stakeholders that you are developing and improving the way you handle the data will send a strong message that you are taking a threat seriously. 

4. Ensure on-going investment

Businesses need to invest in data security through the purchase of new systems and technology, by hiring the best people to manage the process and implementing regular training programmes. Many businesses will also have the additional complications of working with a number of marketing agencies who will have access to some or all of their database. Make sure you have proof that third parties have the appropriate security checks in place. How will they maintain this high standard and are they audited by any external trade bodies or accreditation schemes?

Just as your security measures evolve and develop, so does the sophistication of data attacks. There is no room for complacency. Being aware of the latest data breaches will help you spot problems before they arise. It is also worth implementing a system with spot checks to ensure procedures are being followed properly. Most importantly, don’t ever let the people within your organisation forget the risks.

 

Related content

Access full article

B2B strategies. B2B skills.
B2B growth.

Propolis helps B2B marketers confidently build the right strategies and skills to drive growth and prove their impact.