In our last piece, we discussed the new cyber pandemic, and why digital marketers need to be paying attention. But while the two key attack vectors are through email and malware, including phishing attacks, there are also lesser known avenues that require extra vigilance.
It is known as a pandemic for a reason: cyber warfare is continually evolving, spreading and adapting. Our digital world is interconnected; a mapped maze of entry points, big and small, known and unknown, that may threaten the security of the whole. This is compounded by the convalescence of our work and personal lives. Many even use the same passwords, or the same password managers. Access to a Google account may mean access to every account connected to it.
To that end, here are a few extra points of cyber awareness digital marketers should consider, both for themselves and for the strategies they create.
Domains and WordPress
Domains don’t traditionally fall under the digital marketer’s remit, but, sometimes, needs must. You don’t have to monitor all the traffic that goes in and out – that really is another’s job – but there are a few points to be aware of, especially if you’re relied upon to sound the first alarm.
By now, everybody has heard of DDOS attacks, such is their ubiquity in the cyber-story news cycle. DDOS (distributed denial of service) attacks involve flooding a domain with requests, to either cripple or severely compromise network performance.
To protect against this, you’ll need to work directly with an IT professional: either an internal hire or a third-party responsible for managing your website. Included in your marketing strategy should be contingencies for this eventuality that examine the ramifications to your marketing efforts (and reputation) and organisational response.
WordPress is the go-to for many startups. It’s simple to set up, and the abundant online resources make it easy to template and deploy a website. But the mix-and-match nature of WordPress, with its different templates, designs, components, integrations, make it a likely target for hackers. As you build out our website, you’ll want to perform regular security audits. Even the smallest chance can introduce a new vulnerability.
Protecting a website and its ancillary domains is an example of the extent of control a digital marketer has. You are responsible for its protection, and, consequently, its vulnerability. A website is an owned asset in the truest sense, however, and should largely be managed, coordinated and maintained by in-house teams.
Social media accounts, on the other hand, are a little different. It is only through compromised credentials that a hacker will gain entry into a social media account. Server-side data leaks do happen, but they’re rare, and represent one of the least likely attack vectors. Your social media account is a ‘borrowed’ – but no less important – space, and the extent of your responsibility is to safeguard the keys. As much a blessing as a curse. Protecting credentials requires you to be mindful of where sensitive information is kept, and whether it’s encrypted or not. To begin with, passwords should not be written down. Nor should they be kept in a file. Common hacking malware is capable of scraping a computer for account credentials. Common enforced practices should include 2FA (second-factor authentication), and even doubling up: using both 2FA and an email or text-based permission system, for example.
You can adapt to hurdles. It may take 20 seconds longer to log onto an account, but these hurdles also prevent any would-be hacker from gaining entrance through compromised passwords or connected accounts.
Other communication tools
A digital world requires digital tools. Many of them. Every day a new one comes out, and additional solutions are integrated into existing wads. The reason for new tools is often specificity: they focus on a particular need, and promise to meet it better.
New tools, especially those that promise better results, increased productivity, etc., are alluring. Note-taking apps. To-do lists. Company information repositories, such as Notion, used for both internal and external communication. Each may be valuable, but each also adds to the burden of companies to protect their repertoire of digital tricks. A burden that can disproportionately fall upon digital marketers.
Tool bloat is common. For marketers, the weight can be felt in having to synchronise information across many tools, or ensuring that information shared on a particular tool – say, Trello – is then represented elsewhere. Or if a product update or new piece of information is shared on Twitter, but not reflected on the company’s website or other portals.
Too much of a good thing can of course be bad, even detrimental. It’s increasingly important to vet every tool that’s added to the company’s arsenal. The tool itself may be fine, but the complication of the tool should also be considered, and whether it creates an unnecessary risk for those using it. Tools such as Notion, for example, have private and public pages, making it easy for a brash-eyed employee to disclose sensitive information on a page intended to be private, but made public.
And naturally, the more tools you’re using, the more sets of credentials you’re having to remember and note down, adding to the temptation to use the same set for multiple accounts. The problem compounds. Have a code of conduct; be selective with your tools, and mindful of the cybersecurity implications in each choice made.
The importance of cybersecurity in digital marketing cannot be overstated; as with all dangers that lurk beyond day-to-day considerations, complacency is an easy trap to fall into. But a cyber-aware digital marketing strategy is made in recognition of the potential brand and business impact of a cyber attack. It is about habit building, and ensuring that a company’s digital purlieu remains protected.
For more information on the importance of cybersecurity in digital marketing and creating a cyber-aware digital marketing strategy, contact us today.