data security

11月 012019

When I started working in data and analytics 30 years ago, information security wasn’t high on the agenda for organizations. That's changed with the rise of the Internet, and now that cloud is becoming more and more prevalent in organizations, information security is no longer just the domain of specialists [...]

Cloud security: Questions you need to ask when choosing a cloud provider was published on SAS Voices by David Annis

8月 032016

Data access and data privacy are often fundamentally at odds with each other. Organizations want unfettered access to the data describing customers. Meanwhile, customers want their data – especially their personally identifiable information – to remain as private as possible. Organizations need to protect data privacy by only granting data access to authorized […]

The post Who was that masked data? appeared first on The Data Roundtable.

4月 092015
Connected devices.

They all form the customer experience.

You may not have known it, but April 9 is Internet of Things Day – a day touted by its organizers as a worldwide event bringing together makers, entrepreneurs, industry leaders and citizens to discuss, design and develop the emerging Internet of Things (IoT). While it doesn’t have quite the pie-eating appeal of Pi Day (March 14), Internet of Things Day is an excellent time for marketers to take stock of the many connected devices and how they increasingly impact the customer experience.

Let’s consider first what IoT is: very simply, it’s connected “things,” devices, machines, tools or systems. They’re connected to each other, and they’re connected to the internet, meaning they can be connected to people in multiple ways.

Mobile technology and the near-ubiquity of Internet access now makes it possible to connect even the most mundane devices and enable users to monitor or manage them remotely. Increasingly, these things are wearable devices that collect data that is highly personal in nature, and in all cases there are enormous opportunities presented by IoT - generally falling into one of two categories:

  1. The ability for users to access the information from the device, and
  2. For marketers to gain real-time insights into the needs and behaviors of the device users.

And both of those categories have the ability to directly or indirectly impact the customer experience.

Customer Experience
One of my favorite stories of how those two categories come into play is how Vail Resorts uses RFID technology and analytics to fuel EpicMix: a groundbreaking online and mobile application that lets skiers and riders effortlessly capture and share their mountain experiences with friends, family – and the rest of the world. Through the outlet, guests can easily share stories and achievements without interfering with their powder day.

What happens is EpicMix tracks skier data, such as vertical feet, number of lifts ridden and days skied – and it awards digital pins for mountain exploration. Pins give the ski day a gaming aspect that motivates and challenges guests to experience the mountain like never before. The way it works is that radio frequency (RF) technology is embedded in every guest pass at Vail Resorts. This technology captures data and stores it, starting with the very first lift ride. The information is accessible in real time at and through the resort’s mobile applications.

In its first season, EpicMix was a huge success. Nearly 100,000 guests activated their EpicMix accounts. Forty percent downloaded the mobile apps and nearly 6 million digital ski pins were given out. On top of that, 45 percent of the users chose to share their accomplishments on Facebook and Twitter – resulting in more than 35 million social impressions. And what it did was turn their customers into brand ambassadors by enhancing their experiences at the resorts and letting them share them and savor the experiences over and over.

For more details about the Vail Resorts story, download this interview conclusions paper, called Vail Resorts Creates Epic Experiences with Customer Intelligence.

Marketing Responsibility
As we consider all the positive customer experiences enabled by IoT, we must also remember the responsibility that comes with that potential. As the steward of the customer relationship and its data, marketing should concern itself with managing and safeguarding customer data as the valuable corporate asset that it is. And considering the volume, velocity and variety of that customer data, it’s a classic Big Data challenge. Equally important is the idea that unauthorized access to that data pose potential dangers to our customers, so once you have customer data you need to safeguard it.

To delve further into the concept of big data privacy, a good starting point is this post by my colleague Tamara Dull, What are we doing about big data privacy?

For a nice high-level primer on data security, I suggest this post by my colleague Anne-Lindsay Beall, No happy holiday for hackers: Five steps retailers must take to beef up cybersecurity

And whatever you do, don’t let the day go by without considering how devices come into play for the customer experience. Let me know what you think. And as always – thank you for following!

tags: analytics, big data, customer experience, data security, Internet of Things, IoT, privacy

The post The Internet of Things: customer experience / marketing responsibility appeared first on Customer Analytics.

11月 142014

The Big Data MOPS Series with Tamara DullThe big data privacy discussion is subtle, complex and complicated – and we each have a role to play. What’s yours going to be?

It was 9:53 AM. Sarah was racing against the clock: she wanted to finish a long overdue email to a Canadian colleague before her team’s weekly 10:00 AM meeting. Just as she clicked the ‘Send’ button, her manager, Mason, appeared outside her cubicle.

“Are you headed to the meeting?” he asked her.

“Yep, I was just heading over.”

“Great. I’ll walk with you. I was wondering if you had time after the meeting to go talk with Angie in HR. I got a call from her this morning, and a situation has developed that she wants to talk to us about.”

“What’s going on?” Sarah asked.

“I don’t know. She wouldn’t tell me. She said she wanted to discuss it with the both of us at our earliest convenience.”

“Well, I hope everything’s okay,” Sarah replied, trying not to think too much about it.

It was 11:05 AM. Mason and Sarah sat down in the two chairs across from Angie in her office. “Thank you for meeting with me on such short notice,” Angie began. “I wanted to talk to you about the summer picnic your department had a week and a half ago.”

Sarah remembered the event well. People were still talking about it and sharing the fun video she and her husband had put together and posted on YouTube. Even though the company didn’t sponsor the picnic, it wasn’t uncommon for employees to get together on their own time and their own dime.

“Do you know Nick over in Tech Support?” Angie asked.

“I know of him, but we’ve never met officially,” Sarah replied, and then she started smiling. “But we did get some great clips of him in the video we put together. That boy certainly knows how to party and have a good time!”

Angie continued, “Well, it seems that Nick is in a little bit of trouble. Did you know that on his drive home with his family after the picnic that they got into an accident?”

“Oh, wow. No, I didn’t!” Mason exclaimed. “What happened?”

“From the reports, Nick was too drunk to drive. His blood alcohol level was 1.2. He’s now been charged with a DUI. And what made matters worse for him is that the police department found your video on YouTube. Those ‘fun’ clips you mentioned of Nick knowing how to party – well, the police seem to agree.”

“Was anyone hurt?” Sarah asked, still trying to process everything she was hearing.

“My understanding is that no one was seriously injured – just the cars. Thank goodness!” Angie replied.

“I feel so bad. I know it wasn’t my fault, but the video that I’ve been so proud of going viral has just complicated things for Nick. I wish there was something I could do,” Sarah said.

Angie looked at Sarah for a few seconds, and then asked, “Are you up for doing an experiment with me?” Sarah nodded. “Good. Do you have a feather pillow at home?”

“I do.”

“Bring it into work with you tomorrow and meet me back here at 9 AM tomorrow morning.” Sarah had no idea what was up, but she was curious.

It was 9:00 AM the next morning. Sarah walked into Angie’s office with her pillow.

“Good morning! Let’s go downstairs to the café, grab some coffee, and sit outside,” Angie said to Sarah. She then grabbed a pair of scissors out of her top drawer, and the two of them went downstairs.

After buying their coffees, they found a nice table to sit at outside. Angie handed Sarah the scissors. “I want you to cut open your pillow and pile all the feathers on the table.”

Sarah thought Angie was a bit nuts, but she did as she was told. With all the feathers now on the table, Angie started talking about the event again. Sarah tried to pay attention, but she was distracted by all the feathers blowing away off the table. After about 10 minutes, she looked around at the feather ‘storm’ that had hit the café. And the sidewalks. And the streets. “What a mess!” she thought to herself.

Angie then told Sarah to gather all the feathers and stuff them back into the pillow case. Sarah knew now that Angie was indeed nuts.

“What kind of experiment is this, anyway?” Sarah snapped back. “There’s no way I can get all the feathers back. They’re everywhere! Even if I could retrieve most of the feathers, the pillow will never be the same again.”

“That’s exactly right, Sarah. And so it is when we share information on the internet. We could be sharing our own stories, or our kids’ stories, or even a “harmless” video of employees having a good time. In today’s digital world,” Angie continued, “the lines between our professional and personal lives continue to blur. We need to be mindful of what we’re sharing. Because what happens on the internet stays on the internet. Forever.”

Sarah knew what she needed to do. What do you think she did?

Author’s note: This is my adapted version of the popular "Feathers in the Wind" tale attributed to Rabbi Levi Yitzhak of Berdichev. I presented this story during my big data privacy presentation at the Social Shake-Up conference on September 16, 2014.

Originally written for and published on Smart Data Collective as part of the Big Data MOPS Series

Editor's note:

This tale of the "Feathers in the Wind" goes back over 200 years to the days of Rabbi Levi and perhaps before, yet its lessons still apply to our lives today. In our online world, those feathers are all like data points, and the task of controlling them might seem impossible. To recreate the pillow or to make something else with those feathers, you first have to get them in order.

Well, data-driven marketing is the same way -- good marketing depends on good data, and a good first step to get there is with data management. From there, the power of customer intelligence solutions is within reach to get you in sync with the customer journey. Take a look and let us know what you think!

tags: big data, Big Data MOPS Series, customer intelligence, data governance, data management, data security
10月 102014

The Big Data MOPS Series with Tamara Dull

What do Ebay, Living Social and Adobe have in common? These companies, among countless others, have all experienced a significant data breach in the last year. While these breaches have cost millions of dollars to fix, they’ve also cost some executives their jobs. If you don’t think data security is important, especially in this new age of big data, think again.

About data breaches. In April 2014, Verizon Enterprise Solutions released its 2014 Data Breach Investigations Report (DBIR). For this report: 50 organizations from around the world contributed; 63,000+ security incidents were analyzed; and 1,367 confirmed data breaches were studied. One key discovery Verizon made this year is that over the last 10 years, 92% of the incidents they’ve seen can be summarized with these nine classification patterns:

  • Miscellaneous errors – any user mistake that compromises security
  • Crimeware – malware, phishing
  • Insider and privilege misuse – includes outsiders and partners
  • Physical theft and loss – loss of devices and information assets
  • Web app attacks – use of stolen credentials, exploit vulnerabilities
  • Denial of service (DoS) – attacks, not breaches, designed to bring systems to a halt
  • Cyber-espionage – state-affiliated breaches, intellectual property theft
  • Point-of-sale intrusions – attacks on POS applications to capture payment data
  • Payment card skimmers – physical installation that reads your card as you pay

These nine patterns classify almost all of the attacks an organization is likely to face. Organizations can use these patterns to better understand the threat landscape and prioritize their own security investments.

Why this matters. Even though data security may sound like it’s IT’s responsibility, it’s not. It’s a company-wide responsibility that affects every employee regardless of role. Not only can data breaches cost a lot to fix (both legally and technically), your customers may lose faith in your ability to protect their interests, your reputation will most likely be damaged, and your bottom line may be negatively impacted. Some companies never really recover from such tragedies.

Questions to think about. As I mentioned earlier, data security is a company-wide responsibility. Even if you aren’t in IT, how prepared are you to answer the following questions?

  • Is data security taken seriously at your organization? If not, why not? Remember that if you suffer a breach of any kind, the potential loss could be devastating.
  • Are you encrypting sensitive data? Whether the data is being stored on-premises or in the cloud, make sure proper encryption (and decryption) techniques and practices are in place.
  • What proactive steps have you taken to make sure the data you’re collecting is secure? Even though you may never be asked by a customer, be prepared to answer, “How is my data being secured?”
  • Who has access to the customer data you’re collecting? And who’s accessing this data? (The answers to these two questions may be different, which could indicate a problem that needs addressing.) It’s important to keep data on a need-to-know basis and make sure access is revoked when an employee leaves the company.

One final thought. It’s not enough anymore for companies to primarily focus on protecting themselves from external, malicious data breaches. As Edward Snowden, the NSA whistleblower, has aptly demonstrated, giving an employee too much access can also work against you. Be vigilant and pay attention to the warning signals. Even if that warning signal is coming from your gut.

Originally written for and published on Smart Data Collective as part of the Big Data MOPS Series

Editor's note:

Tamara is 100% right in saying that data security is a company-wide responsibility that affects every employee regardless of role. As the steward of the customer relationship, it should be a particular concern of marketing because most of the data in big data is customer data.

That's not to say marketing should take the issue on single-handedly - be ready to participate in the dialogue and expect to spend more time at the table with I.T. on this and other big data issues. For more details about that, take a look at this CMO Council report called Big Data's Biggest Role: Aligning the CMO and the CIO. It's worth the read.

tags: big data, Big Data MOPS Series, data governance, data security, marketing analytics
8月 192014
What kind of security do we need for this conversion?  In fact, where are the security people?  Including security personnel upfront in any conversion project can sure save some time and heartache later.  It is important to include security for the following: Source system access – You must be able […]
8月 012014

“Human errors and systems glitches caused nearly two-thirds of data breaches globally in 2012.”
- Ponemon Institute and Symantec

Nothing has accelerated the proliferation and sharing of personal data more than the internet. Some may disagree, but unless you’re living a technology-free life – by choice or not – then it’s hard to dismiss the impact the internet has had on both our personal and professional lives. From email to social networks to online shopping and travel, we’re generating a crazy amount of online personal data every day. Who’s keeping an eye on that data and who’s protecting it?

The irony is that when it comes to our workplaces, we have historically held IT responsible for securing our corporate data. If there’s a data breach, we contact IT. If there are application or data access issues, we contact IT. If there are privacy issues, we contact IT (and probably Legal).

But is this really the right model for the internet age?

The Data Security Isle in the Big Data Archipelago

The Data Security Isle in the Big Data Archipelago

A Big Data Best Practice for Data Security

If we truly deem our data as valuable – whether it's corporate or personal, big or small – just like we do our financial investments, then perhaps securing data is not just IT’s responsibility anymore. Maybe it’s time for us to foster a culture where data is treated as a corporate asset. A logical place to start could be with social data – yours, your company’s and your coworkers. Who’s keeping an eye on this data and who’s protecting your company?

The answer should be “all of us.”

The bottom line is this: Whether the data is stored internally or it’s available externally on a public network, we can’t expect IT to monitor and manage it all. We need to be vigilant with our corporate data—as if it were our own money—and help protect our companies from suspicious or fraudulent activity.

A Marketer’s Role in Keeping Customer Data Secure

As marketers, we’re in the business of collecting and using customer data. And with customers becoming more aware of (and alarmed about) data security and privacy issues in both their professional and personal lives – it behooves us be careful with and responsible for the data we collect. Because if it’s not us, then who?

In one of my recent articles about data breaches, If You Think Data Security is IT’s Responsibility, Think Again, I highlight a few security questions we should all be asking:

  • Is data security taken seriously at your organization? If not, why not?
  • Are you encrypting sensitive data? Whether the data is being stored on-premises or in the cloud, make sure proper encryption (and decryption) techniques and practices are in place.
  • What proactive steps have you taken to make sure the data you’re collecting is secure? Even though you personally may never be asked by a customer, be prepared to answer, “How is my data being secured?”
  • Who can access the customer data you’re collecting? And who’s actually accessing this data? It’s important to keep data on a need-to-know basis and make sure access is revoked when an employee leaves the company.

We all have a part to play when it comes to keeping our company’s data secure. And even with IT in the lead role, we know that with any good production, it takes the entire cast – in front of the curtain and behind it - to capture and captivate a distinguishing audience.

Key Takeaways for Marketers

  • Data – big and small – is one of your organization’s most valuable assets. Secure it.
  • Don’t assume that IT has it all covered. Do your part.
  • Beware of the Big Data Narwhal on the North Shore of the island. He may be getting away with your data.
  • Your online social activity is a reflection on you. And your company. Be mindful.

This is the 7th post in a 10-post series, “A marketer’s journey through the Big Data Archipelago.” This series explores 10 key best practices for big data and why marketers should care. Our next stop is the People Isle, where we’ll talk about focusing on individual roles and skills.

tags: big data, Big Data Archipelago, data security, strategy