Direct to Consumer brands have relied on catalogs for customer acquisition and revenue growth for decades. Catalogs have a strong track record for driving sales, but with costs for paper, fuel, and ...Read More »
Security Implications of Legacy Direct Mail Processes
Knowing the complexities of Direct Mail planning, execution and reporting in enterprise environments, you understand the need for sharing information across a variety of systems, internal team members and outside vendors. The data security requirements and policies from your CIO’s office are in place to mitigate risk and ensure the protection of your company’s and your customers’ private information.
The challenge for marketers is that their Direct Mail vendors must be regularly assessed against these ever-changing standards for compliance. Even with that taking place, compliance is largely dependent upon these vendors following the agreed processes and enforcing compliance internally across hundreds of employees. So, is your confidential information and customer data truly as secure as is should be?
Direct Mail Campaign DataWhen executing a Direct Mail campaign, there are a slew of data files involved in the process. Embedded in this data, usually in the form of a mail file, is Personally Identifiable Information (PII) -- information such as names, addresses and gender that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. In some cases, Protected Health Information (PHI) – any information about health status, provision of health, or payment for health care that is created or collected by a Covered Entity -- may also be included.
Oftentimes, print vendors are sent far more customer information than they need to execute a campaign, as it’s faster easier to “over share” and let the vendor pick through the files to find what they need versus parsing the information. This customer information, when stored appropriately in your in-house systems, adheres to your organization’s data security policies and procedures, ensuring it is safe from harm. Outside of your internal, controlled environment, the safety of your organization and customer data is not necessarily safe.
Data Security Issues in the Legacy Direct Mail ProcessUnfortunately, due to the complex, disconnected nature of the Direct Mail execution process, security protocols and best practices are not always followed. For execution, data needs to change hands multiple times across dozens of people, multiple print vendors, and many unique hardware and operating systems. For speed and ease of execution, files may be shared internally through email or drives. They’re also shared with external print vendors for data hygiene, proof creation and project execution.
These processes include a high level of human involvement which introduces the risk of human error. What happens when a customer service manager from a print vendor adds the wrong contact to an email and sends your data to someone outside your company? Or misplaces a drive containing sensitive information? Or logs in from home and downloads your data to a personal device?
Furthermore, when external vendors are handling your data, you never truly know if they are following the security standards that they have agreed to prior to their involvement in the campaign. All of these downstream and external risks make your information susceptible to a data breach, which is completely out of your control, but still lands squarely on your desk.
Let’s say you’re running a Direct Mail campaign for three segments of your current top customer base. You want to give group A offer #1, group B offer #2 and group C offer #3. Once you have developed your vendor matrix and map the creative for the offer to the segment, you send it off to the printer.
Now they’re equipped with the names and addresses (PII) of all customers that fit into any of those groups. They send you back the proofs for the campaign and they look great. Sweet! You send the mailers off and the campaign is a smashing success. Again, kudos to you.
Wait a second… Oops! The print vendor never deleted your customer data from their system and they’ve just been hacked. Now, all of your customer data used for that Direct Mail campaign has been breached. Campaign results aside – this isn’t the outcome you were looking for.
The Digitized Direct Marketing ProcessNew Direct Marketing automation technology removes the need for manual data transfers or external vendors receiving, handling and processing information that is unnecessary for them to have access to. It also creates a consistent and auditable process for every marketer on your team, across every campaign and print vendor. In the past, vendors were often responsible for executing complex marketing operations and the data hygiene processes that are crucial to Direct Mail execution, making it necessary for them to receive, process and store project files containing sensitive contact information. Direct Marketing technology automates these cumbersome, offline and manual processes, allowing print vendors to focus on what they do best; printing.
With a centralized Direct Marketing platform, all data is contained in a single, secure system where user rules and permissions are set, allowing only those who should have access to the information get exactly what they need when they need it, significantly reducing human error and risk. This technology also provides full compliance and audit trails, detailing who accessed specific data, when it was accessed and what they did with it.
It really comes down to this; the more systems you’re using to store and organize your data, and the more hands that are touching your data, the more susceptible you’ll be to a data breach. It’s not yet common to associate Direct Mail with enterprise marketing technology, but the truth is solutions exist that allow you to calibrate all relevant Direct Mail data within a single environment. Now you can manage a single and secure system adhering to security standards, audits and other security requirements.
Enhanced data security is one of the many benefits of digitally transforming Direct Marketing operations. Find out the others by reviewing The Drive to Digitize.
Share this post: