Editorial: Marketers can take steps to prevent data breaches
Arrests were made last week in the largest data breach case ever - 130 million credit card numbers were stolen earlier this year from five corporate entities.
The good news is that the US Department of Justice is on the case. But this was only the latest in a long line of data fraud incidents. This week's issue contains a story that looks at the ongoing problem of data security and how it affects marketers.
Many companies have sophisticated security and encryption measures in place to prevent customer data from being compromised by hackers, enlisting the IT team as the first line of defense. They should also be sure to consider internal measures to keep customer data safe within the company. This is especially true for larger companies.
Data expert Bernice Grossman, principal consultant and founder of DMRS Group, a database consultancy, put it this way: "You want to make it so difficult that no one can steal your data from the inside." Those internal measures include setting corporate policy around data use in order to guard against abuse.
To do so requires strategy beyond what your IT department is doing. Marketers own a great deal of customer data. They need to insist on a seat at the table. They should play a pivotal role in scrutinizing how that data is used and by whom.
Grossman calls data "the crown jewels," and she is right. You can't do business without customers. Data are among the most important assets to any marketer.
The marketing department needs access to certain kinds of customer data in order to market, while sales and finance departments may need access to other levels of data. No one department should have the ability — or need — to troll through the entire set of customer data. All departments need to participate in the development of corporate rules that relate to data security because everyone has a piece of the data pot.
Many companies have a narrow view of customer data protection, and that is something that has to change. As Jonathan Penn, an analyst at Forrester Research who specializes in security and privacy issues, says, "It's about allowing appropriate use of data and the context of use of that data."
It would be wise for marketers to step back and spend time putting controls in place that are driven by the context of the customer interaction, so that employees in the call center, for example, have access to specific customer records in order to service a client, while the finance department has access to the payment information or Social Security numbers. It is only then that some of the leaks can be plugged, allowing marketers to get back to the business of marketing.