A data breach can now cost a company up to $3.92 million; so it is little surprise that it has become a boardroom issue. It’s also an area of focus for the marketing department, which holds large amounts of sensitive data on which many of its campaigns are based, writes Uri Kogan of AI and cloud product company Nuxeo.
Marketing departments by their very nature are cybersecurity risks, simply because of the way they store and use data. Cybersecurity ‘bad actors’ are more than aware of this. They look to gain entry to data through holes in third party technologies that marketing departments use on their websites to track results, for example, or through outside software programs that require the exchange of sensitive data with agencies or vendors. They use fake emails or other messaging applications to infect systems with malware.
In addition, marketing departments face the prospect of a consumer backlash, thanks to high profile breaches in recent years that have dented customer trust in the way their data is protected and used. According to the RSA Data Privacy and Security Survey 2019, 57pc of respondents blame companies above anyone else, even the hackers themselves, if there is a data breach.
It goes without saying that all marketing content is confidential and sensitive and needs to be protected accordingly. At the same time, the way global marketing campaigns run have changed significantly over a decade. Today, there is much more localisation and personalisation, which requires extensive customisation of data. This inevitably leads to a plethora of data files and digital media assets that need to be tracked and secured.
This is an enormous challenge in itself given the breadth of the eco-system. This was spotlighted in recent research by Nuxeo carried out with sales, marketing, and creative professionals. Shockingly, two-thirds (67 per cent) of respondents admitted sensitive content is accidentally leaked externally at least once a quarter in their organisation. One in five (20 per cent) went as far as saying that this happens at least once a month.
The problem is that marketing departments are often not considered vital components when it comes to securing an organisation’s digital assets. This is something that needs to change quickly, if breaches are to be avoided. But how can they keep their content and data safe and successfully manage their digital assets?
Employees don’t usually leak data on purpose. It usually comes down to human error, lack of awareness or simply not having the right tools to manage sensitive content. This was another area highlighted in Nuxeo’s recent research. More than half of respondents (56 per cent) admitted to using their own personal apps instead of company-provided tools – shadow IT – to store and share company content. The problem here is that marketing departments want to do things fast, without being held back by the restraints that formal IT imposes on them. Shadow IT is a big issue for an organisation’s critical data and one faced by both IT and marketing. Modern businesses require cutting-edge platforms to secure their data and content, while also ensuring other authorised users can easily find it.
In a complex and inter-connected marketing eco-system, deploying a next-generation content management platform is a highly effective way of ensuring marketing content secure. Not only are they intuitive to use when searching, storing and accessing data irrespective of device or location, but they also come with security features to make sure data sits where it should and is only accessed by those with the correct authorisation.
Authentication – this is the first element in security around sensitive marketing content is authentication. Knowing exactly who the user is, and only allowing users to see the content they need to means security is heightened immediately. Each authorised user must be able to access all permissible data and content, and perform all permissible actions – viewing, editing, sharing – but nothing else. Searching for content then becomes more relevant too.
AI-enabled content management – content leaks, and misuse of content can occur in several ways. One example is an influencer contract that expires within the month. Across many territories this could be easy to overlook, but a content management platform that leverages AI could put in place rules to stop content relating to that influencer being published after the contract has ended, and even make recommendations for that content to be deleted or archived.
Protection – encryption is another important factor in keeping content safe. Traffic across a content management platform must be encryptable with SSL and be fully configurable for optimum performance. Further encryption-based protection can be found in AES encryption of content at rest (in storage).
Audit – utilising a full audit trail is a more defensive measure, but still very effective. It provides a detailed history of all historical users and system activity, meaning that if content has been leaked or an older or unapproved version of content is used, it is clear who is responsible. A next-generation content management platform provides this capability.
Marketing departments have had to be much more aware of data privacy than ever before in this era of digital marketing. Sensitive content must remain private and secure, and while this can be a challenge, the tools are available to ensure marketers stay on top of such an important discipline.
About the author
Uri Kogan is Nuxeo’s Vice President of Product Marketing. Nuxeo is a provider of content services and digital asset management solutions for firms including Banque de France, Verizon and Electronic Arts.
