How safe is your email database?

 “How safe is my data?” It’s one of the hot topics on the web today. In the past there have been several security issues on all sorts of services and websites. Just think about the Epsilon security breach and the attacks from the Anonymous movement. As consumers we are instinctively cautious about our personal data. We try to filter the trustworthy sites from the dubious sites, we are critical about putting personal data out in the open and we use very strict login procedures for our online banking services.

But remember, as an email marketer, protecting your data is a responsibility you shouldn’t neglect. That’s right: guard your own email database. Many companies have privacy statements on their sign-up pages that state that they will protect your data, won’t sell it to third parties, won’t use it to spam you, … Of course, these are all admirable commitments. But in order to meet those commitments, be sure to check if your email infrastructure —whether if it’s in the cloud or hosted — is tightly secured against hacks and attacks.

But how exactly do you check that security level? Here’s the checklist to get you going.

• Check if you have a SSL protocol between your web server and your browser. This method uses an authentication to check both ends of the connection. In general, you will see this as an ‘https://’ connection. Meaning ‘s’ as in ‘secure’.

• Make sure there is a clear written statement about the privacy of your database. This should at least mention that you are the sole owner of your email data and that it may not be sold to third parties or used for other activities.

• Find out what your ESP does to protect your data. This should include monitoring, a restricted access to the database, a security audit on a regular basis, unique login and passwords, which encryption method is being used for the data,…

• Your data will be no doubt stored in a data center. Make sure your ESP covers this by a firewall and limited persons have direct access to this data. A continuous check for viruses and Trojans is a must.

• Check what the policy is on a system-wide failure. Which type of redundancy is used to get everything back online? And is your data being stored offsite for a fast recovery?

• Only host the data in your email infrastructure that is needed for your email programs, such as segmentation data and personalization data. Don’t make an exact copy of your master marketing database to avoid all your data being made public in case of a security problem.

• Changing ESP’s? Ask in writing that your account is closed down immediately and request all data to be deleted permanently.

• Use different passwords for your online tools to avoid your personal and professional accounts from being hacked. And whatever you do, don’t store all your passwords in one document.

Conclusion: Team up with your ESP to find out what they do to protect your data and find out how you can maximize your own data security.



Leave a comment