Hi Joe,
I’m worried that we’re not doing enough when it comes to security in MOPs.
There are some pretty big gaps and I’m not quite sure what to do about it.
Thank you,
Concerned Casey
Casey, I can’t thank you enough for that question.
I don’t think we talk about security enough in MOPs—but we should.
Marketing automation software holds a ton of sensitive information, whether it’s user account details or some level of personal identifiable information (PII), and our customers trust us to keep it safe.
Particularly now, where marketing relies so much on personalization and connecting the dots between what our business offers and our customers’ needs.
If a hacker or bad actor gets access to a pool of customer information, you better believe they’ll use it for nefarious purposes.
After a company has been compromised, they’ll spend millions of dollars addressing their security vulnerabilities and the loss of reputation that comes with a cyber attack.
The MOPs teams and businesses that are doing security right are focusing on the following areas:
All of these variables influence how secure data is:
For instance, there’s no need for you to have your customers’ social security numbers—so don’t ask for them.
And if you do have passwords or PII on your marketing systems, you should look into encrypting or hashing them so that if a hacker gets their hands on them, they can’t read anything.
You can also evaluate whether there’s even a business need for this sensitive information on your marketing system.
Security savvy teams ensure that only the right people have access to the right data — at the right time.
It can be dangerous to have too many user accounts with permissions to access and manipulate the information on your systems.
Instead, you should take a look at all your roles and permissions, and limit access to the people who need the data on a daily basis.
Not everyone should be an admin.
In addition, conducting regular scrubs on your systems to remove any old user accounts will also ensure you’re not at risk of a disgruntled employee compromising your data or your systems.
With solid policies in place that let the right people in and keep the bad actors out, you and your team can focus on what you do best: marketing ops.
If you’re seeing gaps in any of these areas, you should absolutely have a conversation with your security team (if you have one) and your executives.
Be fully transparent about what you think is lacking, what the impact of those gaps are, and what the business should be doing instead.
If they ask you whether this is an immediate need, the answer is yes.
At the end of the day, securing your data is all about being proactive. You need to stay one step ahead of the bad guys—and avoid being the next big data breach in the news.
You’ve got this,
Joe Pulse