Hi Joe,
I’m worried that we’re not doing enough when it comes to security in MOPs.
There are some pretty big gaps and I’m not quite sure what to do about it.
- How do I go about asking for help?
- Should I create a plan beforehand?
- How transparent should I be with leadership?
Thank you,
Concerned Casey
Casey, I can’t thank you enough for that question.
“I don’t think we talk about security enough in MOPs—but we should.”
I don’t think we talk about security enough in MOPs—but we should.
Marketing automation software holds a ton of sensitive information, whether it’s user account details or some level of personal identifiable information (PII), and our customers trust us to keep it safe.
Particularly now, where marketing relies so much on personalization and connecting the dots between what our business offers and our customers’ needs.
The risks of mismanaging this data are huge.
If a hacker or bad actor gets access to a pool of customer information, you better believe they’ll use it for nefarious purposes.
- Whether it’s selling that information to other cyber criminals or your competitors, using it to access your customers’ accounts on other high-value platforms, or blackmailing your company. There’s no shortage of ways your data can be used.
After a company has been compromised, they’ll spend millions of dollars addressing their security vulnerabilities and the loss of reputation that comes with a cyber attack.
The MOPs teams and businesses that are doing security right are focusing on the following areas:
Data integrity
All of these variables influence how secure data is:
- what data you collect
- how you collect it
- where you store it, and
- how you maintain it.
For instance, there’s no need for you to have your customers’ social security numbers—so don’t ask for them.
And if you do have passwords or PII on your marketing systems, you should look into encrypting or hashing them so that if a hacker gets their hands on them, they can’t read anything.
You can also evaluate whether there’s even a business need for this sensitive information on your marketing system.
Controlled access to your systems
Security savvy teams ensure that only the right people have access to the right data — at the right time.
It can be dangerous to have too many user accounts with permissions to access and manipulate the information on your systems.
Instead, you should take a look at all your roles and permissions, and limit access to the people who need the data on a daily basis.
Not everyone should be an admin.
In addition, conducting regular scrubs on your systems to remove any old user accounts will also ensure you’re not at risk of a disgruntled employee compromising your data or your systems.
Robust security policies
With solid policies in place that let the right people in and keep the bad actors out, you and your team can focus on what you do best: marketing ops.
If you’re seeing gaps in any of these areas, you should absolutely have a conversation with your security team (if you have one) and your executives.
“Good security should mean that you don’t have to think about security.”
Be fully transparent about what you think is lacking, what the impact of those gaps are, and what the business should be doing instead.
If they ask you whether this is an immediate need, the answer is yes.
At the end of the day, securing your data is all about being proactive. You need to stay one step ahead of the bad guys—and avoid being the next big data breach in the news.
You’ve got this,
Joe Pulse
