Digital marketing offers countless new ways to measure and analyze a campaign’s impact. Crunching those numbers for meaningful results often requires sharing sensitive data between your agency and internal systems, however.
So, how can your business safeguard the information your agency is collecting or that you’re sharing with them?
The Problem with Agencies and Stored Information
The steady stream of business data that is available at a moment’s notice can be priceless to marketers. Campaigns can be assessed at any stage of their lifecycle and the depth of data is more layered than ever before.
Despite the benefits offered, the information passed to and from your marketing agency can create serious problems. Between CRM records, contact form submissions, recorded phone calls, and other forms of data collection, there is an overwhelming amount of personally identifiable information at risk.
Overlooked onboarding and offboarding processes, minimal or nonexistent security, and other stored information issues can lead to careless marketing agencies compromising your business’s data as well as data and jeopardizing client relationships.
Three Things You Can Do Right Now
Stored information issues come in a variety of formats. There are known risks that can be accounted for as well as unknown risks that while unpredictable can still be planned around.
The best thing to do will always be having crystal clear agreements between all parties in respect to how data will be collected, used, and stored. This way, the issue is on everyone’s mind and if there are any gray areas, it’s known where and how to voice concern.
Here are a few things that your company can do to prevent stored information issues from damaging your business.
Access to information is critical for marketers, but control is often an afterthought once the agency has tapped into the flow of information. If your agency is in complete control of information and there are no redundancies in place, then a soured relationship or critical mistake could lock your business out of business critical data.
To handle this, ask your agency what platforms are recording data and make sure that your business always retains administrative access to those sources. Also, ensuring that control is limited to necessary interactions can diminish some of the risk.
For starters, you can check out SEER Interactive’s article on Google Analytics user permissions to make sure your Google Analytics account is correctly configured. Other systems you may want to review permissions for include:
- email platforms,
- paid media accounts,
- social media accounts, and
- directory listings.
This goes hand-in-hand with control. Limiting the number of users granted permission to information is one thing, but putting safeguards in place to prevent abuse is critical.
If you have a marketing agency handling confidential information then you should ask them about the types security they have to protect your information. Your own organization should have systems in place for this as well, to go along with the policies that determine best practices and how to react when a breach occurs.
Having a BYOD policy in place is becoming more and more important. For younger agencies, where equipment is generally provided by the employee, this can be critical.
Ask your agency if they allow personal devices to access their information and if they have a policy in place. Similarly, if your organization is allowing confidential information to be accessed from personal devices then you need to make sure that potential issues are understood and security measures are agreed upon.
Check out the Wikipedia entry on BYOD to learn more, as well as SearchSecurity’s article on balancing BYOD risks and rewards.
Stored information issues never seem to be a high priority problem, but they really should be. When issues crop up, they can be devastating for your business regardless of whether it’s your business or your marketing agency who is at fault.
Spending the time now to iron out these details can save you significant heartburn in the long-run.
Most newsletters suck...
So while we technically have to call this a daily newsletter so people know what it is, it's anything but.
You won't find any 'industry standards' or 'guru best practices' here - only the real stuff that actually moves the needle.