9) Vet ESPs and other vendors that send email on your behalf.

Published on .

Your employees could be doing all the right things, but your ESP or service provider might have huge holes in its security policies. How can you know? Ask, said Marketfish's David Fowler. Some important questions include: Does the vendor have a privacy policy and statement? How old is its privacy policy? What kind of data does it collect? How often is the policy updated? “These are important questions to be asking,” Fowler said. “Also, how do they onboard new customers? A vendor could have a robust privacy statement but, if what it does isn't the same as what it says, you can have a problem.” Fowler said you should also know exactly what that third party is going to do if something goes wrong. Does it have a roadmap or contingency plan in the event of a data or security breach? Is it contractually obligated to disclose any breaches? How often is it updating its security policies, software and services? The buck doesn't stop with the ESP or service provider, either. Marketers should ask ESPs or vendors to disclose any third-party hosting companies they work with and get details on their policies as well. “The reality is, unless you own the entire network [that data resides on and email is sent from], then there's always going to be a door open for something to occur, so you need to go in with eyes open,” Fowler said.
Most Popular
In this article: