As marketers, we continue to wield more and more power within our organizations. That power is only credible if we are able to accept increased responsibility to protect the compliance and security around employees and customers. I recently spent a full day at the RSA conference, followed up with an evening at Hootsuites inaugural Connect conference. Given the proliferation of social media and the extent to which we rely on saas solutions, these events were a timely blend of macro and micro levels of security. What follows are security and Identity management resources for the non-technical business executive to reference.
If the most recent cyber-attacks (Playstation, Chase, Twitter, Target), weren’t enough to get your attention, in 2013 “86% of all websites had at least one serious vulnerability”. A statistic from Whitehat security, a trusted source on security since 2006. As my sources in the industry have explained to me, “Your employees are your greatest risk. Once an employee’s credentials are compromised, your entire Saas ecosystem or even worse, customer and transaction databases are vulnerable”. A big first step for executives is understanding the sources of risk within your own organization.
At RSA it was interesting to see the steps being taken by provides to help build stronger identity management and cloud security solutions at a macro level; Ping Identity, Okta, Onelogin and ZscalerShift are all good sources of information. While it might be IT’s responsibility for procuring and setting-up these solutions, it is important as marketeers to understand them. If you understand configuration and reporting available to you, the oversight of your teams productivity and security becomes easier.
It was also reassuring to see the serious nature large social media providers are taking when it comes to security and compliance at a micro level. At Hootsuite Connect, partner company Nexgen is offering a suite of solutions to help with account profile and content management specifically for compliance, policies and security. Some features are as basic as identifying all the social media handles and monitoring them against a set of compliance or policy guidelines. For some marketers, starting with a baseline of “what” exists in your social ecosystem is a big step to knowing “how” to make an impactful change. When conducting major social media audits, I am always surprised how many rogue, hijacked, or defunct social handles exist for major brands.
Survival in the next 5 years won’t require you to become a security industry professional. Simply spending a little time to follow some of the trends and key solution providers will help you understand how to accept your share of accountability along with your IT and security co-workers.