As digital marketing and online business become more data-driven, it can be difficult to know which tools are really protecting the privacy and security of your business information, and how exactly they are doing it. While user data and behavioral analysis have undoubtedly transformed our approach to sales and marketing, they also impose multiple risks and legal limitations on the organizations that are running them.
So, having interviewed hundreds of industry leaders and top-level executives from the digital arena, we went back to see what each of them had to say about the way they handle private user information and secure business data. Scroll down to see what they had to say.
Which compliance guidelines do you meet, and how do you audit them?
We’re SOC certified, HIPAA, and PCI compliant. We have an affiliation with a CJIS compliant data center, which helps us address the needs of law enforcement, municipal governments, and courts. We are also GDPR compliant, which is necessary for any of our customers who interact with EU citizens on the web.
We have independent third-parties who come in and periodically audit our systems, procedures, and facilities to ensure our compliance. We also do our own internal mock audits, where we go through checklists to make sure the proper procedures, controls, and documentation are in place. It’s a grueling ongoing process.
What security do you offer against hackers and other cyber threats?
We have several layers of security protecting our customers. On the network layer, we monitor traffic with our technological bombardment. If there’s a DDoS attack or another problem, we’ll reroute traffic and move out IPs that are receiving malicious traffic.
On the server layer, we have a WAF (Web Application Firewall), which checks requests coming into the user service and filters out any malicious ones. We can easily recognize hacking requests targeting a WordPress or Joomla site, and we block them.
Of course, we have our own scripts which we run regularly to scan the servers to make sure there is no malicious content.
When we come across malicious code uploaded to a shared account, it is usually because a hacker found a security breach in a folder from which an inexperienced user inadvertently withdrew the permission set. Aside from removing it, we’ll notify and work with the account holder to make sure it does not happen again.
How Does Reactful Comply with the New GDPR Privacy Regulations?
Reactful is an AI-driven marketing engine that allows you to automatically display personalized content based on user behavior.
Privacy was a big topic this year. All of our customers started asking about how we handle personal information. How we store it to manage it, and how can their customers request the deletion of their personal information. The answer is very simple. We observe the behavior, but we don’t collect personal or historical information. The behavioral data that we aggregate is completely anonymous, and it’s aimed to find patterns that are common to a large number of users.
If you visit a website and you know what you’re doing, you won’t see any actions. However, if you start to click through and scroll restlessly, your behavior has changed, so our system will react differently. That’s the kind of data we are looking at and it is only relevant in real-time, so there are no traces back to the user.
What Makes Cybersecurity Such A Popular Field Of Study These Days?
Our experience shows that when an organization doesn’t have the skills in place, from a security perspective, they’re not being a customer-focused organization. So, as a customer, when you hear about hacks where the organization could have done more, you’re likely to take your business elsewhere.
If the organization shows that it did everything it could do to protect their customer’s data and it still got hacked, it’s still a business-impacting event, but the public perception and outcry may not be as severe and recovery is hopefully quicker. There are many training resources available, so there’s no excuse for being passive or negligent; you have to train your people. From a corporate brand perspective, navigating through a crisis is far easier when you have a strong story to tell. Cybersecurity has been woven into our everyday life, and businesses need to take it seriously.
Native Advertising Has Made Life Easier for Digital Marketers, But It’s Also Been Criticised for Being Over Intrusive. What Are Your Views?
Native advertising has grown a lot in the last couple of years, but we’ve also seen more ad-blockers which made it less effective. In the end, it doesn’t matter if you use a banner ad or a native ad; if you’re not intrusive you can deliver the right message to the right people.
One of the problems with native ads is that people don’t always understand they are seeing paid ads because they’re in your social feeds or news feeds and don’t look like the classic web banner ads. This could explain why it has been criticized for being intrusive. However, as with all advertising, it doesn’t matter if you use banner ads or native ads; if your message is misleading you will lose or at least annoy the user. Nobody likes to be spammed and native advertising ensures that you will only see ads that are relevant to you.
Of course, there is the privacy issue, and that’s why GDPR has come into place. We see that across the industry, we are so connected through our devices, privacy is always a difficult issue to regulate, and it’s hard to make the balance between what is ok and what’s not. It’s a debatable subject that I believe will continue to be looked at and regulated.
What would you advise to brands seeking to maintain copyrights over their online content and assets?
We discovered two main things. Firstly, leaks of information and plagiarism are much more common than people think. Every company we worked with discovered things that have been copied from them without them knowing. It’s important to be able to track that. Secondly, from an SEO perspective, it’s very important to know what the distribution of content is and whether it is plagiarized.
In the case that you have even unintentionally used plagiarized content, you may get penalized by search engines like Google, which will decrease your traffic and revenue. So it’s important to have tools that track your content distribution in an ongoing matter.
As we all know, everything is digitized today, you see more and more content online and it makes content tracking even a greater issue. Also, we see more sophisticated forms of plagiarism, for example by using paraphrased content to disguise the plagiarized source. This is why I believe AI and ML will play a greater role in this game to detect these types of plagiarism, which is why it is and will continue to be one of our main focuses.
Another interesting topic is plagiarism through translation. Plagiarism can be done across languages. Often, we find content that was originally published in one language and was translated and published as if it was original. This is becoming a real problem, and solutions like ours should be able to address it. We do it today in small volumes, but we hope to be able to accurately compare full documents in different languages. I believe this will become possible in the near future.
According to your website, “Web applications are the biggest Achilles heel in an organization’s security strategy.” Why?
The advantage of the internet is that you have access to a website 24/7. All you need is a computer and an internet connection, but it also presents a security problem: hackers, too, can connect and have access to any web service.
The majority of hacks begin with a bulk attack on lots of different websites. When they identify a vulnerability, they go deeper in order to explore the attack and see if that website is worth hacking into. That’s why the website is the bridge between hackers and companies, a bridge between the person sitting on their computer and your company database.
Most businesses apparently do not believe they are at risk of losing one of their most valuable assets, which is customer data, to cybercriminals. Anyone who reads the daily news knows that it is a foolish gamble to make.
Once you are logged in to the website, you are connected to the company’s database. That’s what hackers are using in order to execute their criminal actions.
The last report by the US National Cyber Security Alliance showed that in the SMB market, more than 50% of businesses that were under attack went out of business within six months. This proves just how important cybersecurity is.
How do you secure user information from cyber threats?
Within the email signature realm, there are 2 ways to do it. One is to reroute the email after it has been sent. It allows the email signature provider with more flexibility, without needing to adapt to each mail platform’s ever-changing guidelines. However, that way isn’t secure enough because you’re rerouting emails through a third party, which is the signature provider. Instead, we have adapted to guidelines where we inject the signature before the email is sent, so there’s no routing through third parties. Security remains within the limits of tech giants like Apple, Google, and Microsoft, so we don’t need to deal with it. We use data encryption throughout the process like every other vendor.
What Are Your Personal Insights on User Behavior in Relation to Privacy?
Most users have absolutely no issue sharing personal information with websites like Facebook, Amazon and other big players. These websites have gained the trust of millions over the years by simply being trustworthy and building an excellent reputation. Developing a sense of trust is the basis for growing a business. So I think social proof is a great way to earn a reputation, and show that your brand is actually worth something.
We understand it’s impossible to not judge a book by its cover, so we try to make the cover as appealing and as welcoming as it can be.
As you can clearly see, there is no one-size-fits-all solution for securing personal user information and privacy. While regulations differ from one country to another, it’s important to make sure that the software tools you use for your business are safeguarded from cyber attacks and security breaches, not only for your business’s sake but for the sake of your customers, employees and everyone in your organization.