Contact Database Security 101: A Few Basic Insights and Tips

When hackers gained illegal access to Epsilon’s email contact database in 2011, alarm bells went off, raising concerns about the security of contact details along with personal and professional information stored in marketing databanks. A few months and a dozen hacking incidents involving different companies later, TicketWeb reported that hackers obtained customers email information after breaching its system in February. Recently, in July, hackers exposed 435,000 credentials claimed to have been taken from Yahoo! Services, and these cases make up only the tip of the iceberg.

So where does this leave you and your efforts at keeping your contact databases secure? It places you squarely within the sights of hackers as cybercrimes affect all businesses with an online presence regardless of the size, location, or scope. More importantly, the current security situation should lead you to consider taking the necessary steps to safeguard your contacts’ information.

Imagine hackers stealing email and other personalized information from your B2B email marketing database, then forging your company identity via email messages intended to phish password, credit card, or other sensitive data from the recipients. This would be a potentially catastrophic scenario not only in dollar terms but in your company’s credibility as well. In order to help you avoid this, here are some simple yet effective tips on improving the security of your databases:

1. Use specific IP addresses.

Most cyber-security experts say that this approach is the simplest measure against potential security threats. This basically involves limiting the IP addresses that can access your email accounts, acting as an extra filtering criterion aside from username and password as both can easily be stolen.

2. Streamline your data.

Another important preventive step to take is to gather and store only the data that you really need in your marketing efforts. Do you really need to ask for other more personally identifiable information from your B2B recipients and have them stored on your email contacts databases?

3. Check your links.

ISPs do an excellent job at filtering emails with excessive numbers of links but, aside from the link count on your messages, you also need to make sure that links originate from your domain or relevant locations. Hackers use links on emails that initiate the downloading and installation of malware onto the recipients’ computers once clicked.

4. Send frequent reminders.

Email marketers have the added responsibility of being guardians of their subscribers’ contact and personal/professional information. As such, you need to regularly remind your recipients about the security policies you follow and send practical tips and advice on authenticating email communications. If you’re working with an email marketing service company, you should also carefully consider their security policy as well.

5. Restrict wireless/remote access.

Enabling access to your email database from laptops and mobile devices is a very risky proposition especially if these points of access aren’t properly password-protected. Also, email contact information and other recipient-related data should never be stored on portable drives or freely transferred among devices.

6. Be relevant and consistent.

A well-run email campaign with strong emphasis on relevance and consistency can be a powerful weapon against email fraud. Developing a distinct voice that recipients can identify and associate with your campaign can help them distinguish forged emails from genuine ones. In addition, staying within the interests and preferences of your subscribers as well as working toward continuing the conversation allow your recipients to unmask fraudulent senders.

Internet security experts say that as much as 92% of documented cyber-attacks targeted at or using email information could have been prevented by taking the necessary steps. This underscores the need for action on your part, and you need to act now.