Author’s note: You’ve done all of your research, spent hours going through different options, seen an amazing demo, and are finally ready to purchase your customer data platform. But one last step looms…final approval. Make sure that you are armed with information you need to prove that your CDP is safe and secure. This is the third article in Exponea’s series “Don’t panic: A marketer’s guide to customer data security”. This series will help educate marketers on why security is so important right now and give them the proper tools to help ease the nerves of risk-averse colleagues who may not fully understand the benefits of a CDP.
The following hypothetical scenario will elicit a roller coaster of emotions for any marketer who works with customer data on a consistent basis.
David is a marketer who works with sensitive customer data every day and generally doesn’t think about it twice.
After a vacation, David comes back to work to find that there has been a customer data leak from the email platform he is responsible for. He notifies his supervisor and his entire team begins scrambling to find and fix the problem as fast as possible.
But as any savvy marketer knows, once the leak happens, it is too late. The damage has been done. C-suite level employees will now have potential data breach fines to deal with and may need to make tough decisions about the future of the employment of those involved.
But there is one light at the end of the tunnel in this doomsday scenario. David’s company uses an audit log, an effortless solution that helps increase security by tracking interactions with customer data. It can help diagnose and detect personal information leaks.
While the audit log won’t fix David’s leak, it will identify the exact source of the problem to ensure that David can address the issue and that it will never happen again. A positive tidbit that comes from an overall disastrous scenario for David’s company.
One of the most important promises that a company makes to its customers is that great care will be taken of their personal information and other data.
If you’ve missed the first two installments of our “Don’t Panic: A marketer’s guide to customer data security” series, take a moment to understand why security breach fines have soared so high recently and the importance of properly training marketers on the ins and outs of working with customer data.
Having that baseline knowledge in mind will help you to understand why Exponea prioritized improving our audit log feature in a recent product update. The main reason? It is yet another outstanding security measure offered by the Customer Data and Experience Platform that helps to ensure your business stays compliant with necessary guidelines.
The audit log provides businesses with a complete overview of all activities performed in the Exponea platform. This is particularly important when an activity is suspicious and will allow the security team to identify the dubious action and investigate it.
Specifically, the audit log tracks requests sent by application users. Results are stored in a separate Google Cloud Storage bucket that is easily accessible for downloading and processing by an automated system.
The Exponea app contains a component that verifies user access for all parts of the application. Every time a logged user performs an action, this component creates an event that is stored. Certain events are considered to be sensitive in nature and are therefore stored with additional information that may be pertinent down the road.
For security reasons, there is no direct access to the audit log from the Exponea application. This protects from manipulation or tampering and ensures 100% accuracy of the data that is stored by the audit log. If needed, access is provided by a separate service account.
In lay man’s terms, the audit log is the perfect insurance policy. You should have it in case something happens but you are very happy if you don’t need to use it.
“The audit log helps improve security without negatively impacting marketers at all,” said Tomas Straka, a Security Product Manager with Exponea. “Their ability to work is not hindered and everyone is safer. It can be your final safety net in case a bad thing happens.”
Why else might a business need the audit log? Other use case examples include investigating a GDPR/security breach, detecting suspicious activity, and law requirements or certification audits.
Exponea is a world leader in security in the SaaS space. Need proof? Exponea was the world’s first GDPR certified SaaS company and holds top security certifications to help keep our customers as protected as possible. If you’re interested in learning more about data privacy and security, Exponea Academy’s Privacy Fundamentals course is the deep dive you need to master the topic and become an expert.
Exponea is committed to protecting your data and keeping it secure. If you are ready to see the CDXP in action, watch our short demo video and see how you can compliantly turn your customer data into marketing magic.
WHAT SHOULD YOU READ NEXT? AUTHOR'S HAND-PICKED RECOMMENDATION:
How Exponea Protects Your Data
A Comprehensive Overview of Exponea Security Features