Over the past few months there have been a series of well-planned phishing attacks on our industry. The attacks have focused on assorted corners of our world: multiple email service providers (ESPs), a delivery assurance company, blue-chip brands, even a leading security/risk prevention company. The fact of the matter is that all businesses that collect, store, analyze, or send information are vulnerable. This, by the way, is not a new story; it's just currently getting some well-needed attention.
The first and obvious concern about the breaches is how much data was compromised and who now has access to it? Ultimately, this question will be answered and the respective damage control will ensue.
The bigger issue is well-beyond the unauthorized release of a large number of email addresses. We are standing at the edge of a precipice of consumer trust. If consumers don't believe they can trust you with their data, they won't give it to you.
The timing of these breaches in combination with a global call for better legislation or self-regulation about data privacy and data security raises the need for us to take a hard look at how we keep our clients' and their customers' personal and sometimes sensitive data secure.
We all know that it is impossible to be completely impenetrable. There are, however, many simple things that can be done to mitigate the risk of being comprised. Here are a few pointers to help protect your data:
You should also be thinking about how you would actually handle a breach. Do you have a plan in place to handle events like this? Here are a few suggestions on how to be prepared to deal with a crisis.
While the media frenzy around this subject has been sensationalized out of proportion, it has forced us to take a hard look at how we handle data security at our respective companies. The days of leaving your front door unlocked or your keys in the car at night are long behind us. It's finally time to dust off that punch-list of security fixes you've been meaning to get to for the past few years. We don't need new laws to tell us how to do this, just a little common sense. An ounce of prevention and preparedness will go a long way toward building trust with consumers and protecting the emerging online channel we rely on to do business.
Rick Buck is vice president of privacy and ISP relations, CIPP at e-Dialog, a provider of advanced e-mail and multichannel marketing solutions. Rick works with clients, ISPs, and privacy organizations to promote best practices around responsible marketing. He is an active member of the Direct Marketing Association where he sits on the Ethics Operating committee and previously served as the Ethics Policy committee chair. Rick is also a board member of the E-mail Sender and Provider Coalition (ESPC). Prior to his current role Rick served as vice president, business lists and data for Harte Hanks.
Rick is an accomplished speaker and author on such topics as e-mail deliverability, privacy, and CAN-SPAM compliance. Rick has over 20 years of experience in privacy, acquisition strategy, database management, and Internet marketing. He joined e-Dialog in 2000.
May 22, 2013
1:00pm ET / 10:00am PT
June 5, 2013
1:00pm ET / 10:00am PT