People are empowered more than ever today in terms of who can access and leverage their data. That said, there is more data flowing throughout the internet now than ever before.
As marketers, when enabled via privacy-centric methods, we often securely use customer PII data within digital media to target, exclude, and build upon existing customer audiences to deliver more relevant and valuable consumer experiences.
This results in us targeting more receptive media audiences, avoiding the propagation of useless noise to the marketplace, and yielding more ROI-friendly campaigns for our clients.
What is PII Data?
PII stands for Personally Identifiable Information and includes items such as a person’s name, email address, phone number, and date of birth. It’s a subset of first-party data, which is increasing in importance with the eventual phase-out of 3rd party cookies.
How Do Digital Marketers Use PII?
Marketers and agencies leverage match-based audiences for enhanced targeting on Google, Meta, and other media networks within audience targeting tactics. Match-based audiences utilize first-party customer information to help qualify to pinpoint specific audiences (current customers, target customers, and similar audiences).
For example, through Google Ads Customer Match, marketers can suppress or target specific user lists while lookalike audiences create brand new user lists in a privacy-centric manner with the use of first-party data.
Retargeting, also powered by first-party data, is another standard tactic that most advertisers currently utilize. Marketers segment all these elements into greater detail for more robust digital campaign performance.
Why Do Digital Marketers Need to Secure PII Data?
Hackers are known to gain access to and use personally identifiable information to commit fraud and identity theft. Stolen PII enables online thieves to open new, fake accounts by obtaining the minimal amount of personal information required.
In many cases of obtaining this information, online hackers will rely on several steps to gain access to more and more information. By ensuring that your company or agency is PII compliant, you reduce the likelihood of supporting this activity through the breach of customer data.
What Are the Best Practices for Securing PII Data?
The following five steps offer marketers tips on securely accessing, exchanging, and leveraging PII data.
Step 1: Secured Microsoft 365 Environment, Azure, and Configurations
For data security, use Microsoft’s Azure, which secures data using various encryption methods, protocols, and algorithms, including double encryption.
You can also set configurations so that only necessary parties can access certain sensitive folders, which can house documents that are set to delete after 60 days automatically.
Step 2: Secure FTP (File Transfer Protocol)
Cloud-based SaaS software, such as Citrix ShareFile, enables the secure exchange of sensitive files between two companies. ShareFile employs Transport Layer Security (TLS) security protocols to protect authentication, authorization, and file transfers.
Files are encrypted in transit with up to 256-bit encryption, depending on your web browser capabilities. And ShareFile employs a keyed hashed message authentication code (HMAC) to authenticate and ensure the integrity of intra-system communications and relies on file size and hash to ensure file integrity.
Step 3: Hashed Upload into Marketing Platforms (Google, Meta Business Manager)
When marketers upload PII-related targeting data into ad platforms, such as Google Ads API, the platform uses Transport Layer Security (TLS) for your upload, which is the industry standard to securely transfer files.
Marketers keep data secure by hashing customer data using the SHA256 algorithm, or Google Ads will hash the data for you using the same algorithm, which is the industry standard for one-way hashing.
Encrypted customer data also provides ad platforms with a more complete picture of the customer’s full journey.
Finally, by connecting Google Ads and Google Analytics accounts or implementing tracking features such as Google Enhanced Conversions, marketers securely share hashed user data securely and seamlessly.
Step 4: Multi-factor Authentication
Multi-factor or 2-step verification goes beyond requiring a username and password for logins by sending single or one-time use passcodes to your email or cell phone. As a best practice, marketers should enable 2-step verification for all apps used while handling PII data, including file sharing and media apps, to keep the bad guys out.
Step 5: Partner with a Digital Agency Leveraging a HITRUST-Certified System
What is HITRUST?
HITRUST, which stands for the Health Information Trust Alliance, helps brands from all industries securely manage data, information risk, and compliance based on a standardized framework. It was developed specifically for the healthcare industry but is leveraged by companies throughout every industry to address information risk management across a matrix of third-party assurance assessments.
Lever has worked with clients in just about every industry, spanning B2B and B2C products and services. While leveraging customer data, we utilize a HITRUST r2 certified system (Lever Interactive IT Platform residing at Microsoft Azure / Microsoft O365) and strict policies, procedures, and system configurations to safeguard PII data. Simply put, our client’s compliance departments appreciate our secure approach of handling PII immensely.
Follow Best Practice When Using PII in Marketing
Data shared by people can help marketers build stronger digital campaigns. Bringing awareness to your entire marketing team of the dangers of mishandling PII data is a great start. However, the steps outlined within this article can help your organization immensely in keeping hackers at bay and consumer data protected.
For additional guidance or to learn more about Lever Interactive and how we may be able to help your digital marketing, reach out to us today.