#Privacy: Big data – marketing’s scariest buzz word

Texas

Like most other business professionals, modern marketers have access to an increasingly large amount of data. However, although organisations are great at gathering ‘big data’ and creating huge data sets, they’re not great at understanding its value or outputting and integrating it in an effective way.

The steps required to solve this issue are not rocket science but, equally, are not easily accessible to marketing departments through their existing agency or consultancy relationships.

Even following the implementation of GDPR, do people really know what data is being collected about them? It seems we still need further education on privacy, location tracking and what is classified as sensitive data. Big data is full of potential, but also risk. So, it’s important to know how companies collect and handle data and also how marketers at the top level are using their big data.

How companies collect and use big data

Most companies typically collect data through sources like Google Search Console, Adwords API and tracking information in Pardot. We have seen a move towards data warehousing, where companies are starting to store all the data they can, from various sources. This presents its own challenges such as storage, security, privacy and how to then use that information.

How marketing managers at the top level use big data

…Or rather how they don’t.It seems that at so many C-Suite meetings, clients talk about using big data to drive business decisions and how they “use” data to make informed marketing or customer experience decisions.

The truth is so many companies don’t use their data in any meaningful way. This is often due to a lack of understanding of what can be achieved with it. At Organic, we spend a lot of time educating clients on the sorts of data they collect and how to get meaningful insights from that information. We know from experience that companies can easily make use of the data they collect through building bespoke cloud software, and training staff through empowerment programmes.

Data warehousing dangers

Most companies just collect their data and store it without making use of it, which can be dangerous for a few reasons.

First, when something is outof sight, it’s also often out of mind. This is risky for sensitive data and when tracking that data. Datasets that tend not to be accessed often, run the risk of falling off the security radar.

Second, if you don’t know your data, your company can fall into the trap of collecting everything and not knowing exactly what it is you have stored. This leads to data that should not be collected or sensitive information being kept sometimes in unsecure places.

Collecting and processing data without getting into trouble

So how can your businesses collect and successfully use data? These steps can help make data easier to decode.

  • Know what you collect: perhaps the most important point is to know the data you are collecting and why you are collecting it. All your data points should be validated against a use case, either for now or for use in the future, as you are required to have a purpose for collecting data under GDPR law. So be realistic about this, there’s no use collecting millions of rows of analytics if there’s a less than 10% chance that data will be utilised.
  • Secure your data: it may sound trivial, but companies constantly get this wrong. Take the recent Suprema biometric data breach for example, a highly sensitive database that was accidently made accessible to the web. Minimal effort is required to properly secure data, so there is no excuse for not putting necessary measures in place. At Organic, we use secure authentication services, all staff that access client databases are required to use a hardware security key. Connections to sensitive client systems should be run through a VPN into a VPC where resources are located and isolated, and all communications need to be encrypted end-to-end. By using encrypted service tokens for connecting to data sources, it ensures only authorised developers can access systems.
  • Define what is sensitive: Be cautious with what data you classify as anonymous and what is genuinely ‘sensitive’, consult with privacy professionals and your DPO. Businesses can fall into the trap of believing that location tracking data is not sensitive because it doesn’t tie back to a user. However, that kind of data is ripe for use in identity theft.
  • Audit regularly: Doing this ensures your data stays relevant and you aren’t collecting things you shouldn’t. Access logs should also be audited to maintain security.
  • Manage your supply chain: Auditing your hosting and data suppliers regularly allows you to ensure they meet the standards in your agreement and that they are legally compliant. Not all hosts are capable of providing the level of security and auditing required to maintain proper big data security.

At Organic, we believe there is a huge amount of potential value being lost in current data practices and we help clients unlock it. To achieve this, you need a simple process, make sure you understand the business and marketing objectives as this will help define the data requirements. Take a human-centred approach to the design of processes and tools to make the data usable. Finally, create and implement tools to help marketers use data to make better decisions.

By Laurent Brickell, Technical Director at Organic

About the author

Laurent is experienced in technology operations, digital marketing, big data and digital services industries, having worked with large businesses to develop streamlined software and data solutions. Laurent has worked with clients such as GKN, HG Capital, Capita, Sainsbury’s Group and Gallup.

Brickell has a bachelor’s Degree focused in Marketing, Management, Strategic Planning and Innovation. from Kingston University.

About Organic

Organic is a full-service digital agency based in Exeter and Holborn, London. They believe that digital can be a force for good. It can change people’s lives for the better, in ways that would be impossible without it. They believe in using digital for good society, good behaviours, and a good future.


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/