Why Marketers Need to be More Concerned about Security when Collaborating

Leaked marketing documents can cause havoc when media outlets get access to them. Marketing teams can follow these best practices for content collaboration.

4 October 2016

True Enterprise Security Is More than Just Technology

In July of 2016, a marketing brief by the Shell Oil Company was leaked to the environmental activist Greenpeace's EnergyDesk blog. The document revealed: “While we seek to enhance our operations’ average energy intensity … we have no immediate plans to move to a net-zero emissions portfolio over our investment horizon of 10–20 years.”

It wasn't exactly intended to fall into public view, but it did.

Leaked marketing documents can cause havoc when media outlets get access to them. But for regulated environments, the stakes are even higher. If customer data is leaked, exposed or stolen, it could result in not only a loss of goodwill and trust, but also serious fines and penalties.

How Marketing Collaboration Can Compromise Sensitive Data





  • When an employee from one organization passes sensitive data to someone in another organization
  • When a trusted vendor doesn't have security measures that are as tight as its client's
  • When sensitive data is exchanged in consumer-grade tools such as Dropbox and WeTransfer without watchful controls
  • When marketing data finds its way into social media channels unprotected and becomes unintentionally available to all

The marketing landscape is fertile for security breaches which is why content collaboration should be a focus of concern to build a new, secure perimeter.

Marketing and Content Collaboration Risks

Collaborative environments are useful in marketing. Teams are often dispersed, sharing content remotely. Without tight security, anything can happen. Marketing managers and leadership have a growing responsibility to insure that sensitive data is secure during any content collaboration within their landscape.

Christopher McClean, VP, research director at Forrester in January of 2016, interviewed by marketing publications DMN, stated that "Compliance and security is the job of legal and information teams. The marketer's job is on both sides of this equation. They get the benefits from more technology and better uses of data, but they're also the ones exposing the company to risks. Marketers have to make sure they're thinking about these risks, and balancing the risks with the benefits of getting all of this data."

Marketing documents and customer data are often used in collaborative efforts by many different stakeholders. Senior marketing managers need to think like IT professionals when handling content that is sensitive — particularly in regulated environments such as the financial services industry.

Regulated Information — In The Wrong Place?

Often a regulatory breach is the result of one person inside the organization who was able to obtain confidential, but regulated information. For instance, that's what caused Goldman Sachs to be fined $36.3 million from an incident in 2014 when a Goldman employee took confidential information from a crony from the Federal Reserve Bank of New York. A New York Times article described the incident: "The documents effectively provided Goldman with a window into the Fed’s private insights about regulatory matters. And the bank, the Fed said, used the information in presentations to current and prospective clients 'in an effort to solicit business.’”

The right information can serve as a powerful marketing tool, however, companies must make sure that tight regulated information doesn't leave an organization for this purpose. Likewise, those using regulated information should be sensitive as to where the data originated.

Not Just Internal, But Also External

In Goldman Sachs' case, it was a zealous employee seeking success in pitching clients. But data breaches of sensitive marketing information don't always originate inside the company. Sometimes they originate outside an organization with well-meaning vendors who need to use your data, but do so without your tight controls to secure it.

That's what happened when the servers of DAC Group, a Toronto-based digital and content marketing agency was hacked. Hacked data included some 77,000 leaked accounts from Bloomington, Illinois-based insurer State Farm. State Farm later stated that the compromised data was that of State Farm employees and independent contractors versus customer data. But the incident is compelling enough to know that marketing vendors get hacked.

Sharing documents between marketing vendors and their clients can put confidential information at risk unless all parties have proper security in place.

The New Perimeter

Marketing collaboration nowadays means that stakeholders from all different corners within an organization and external to it must be considered when building a sound risk, compliance and data governance program. With cloud computing, social media, third-party storage sites and other popular stops in our data landscape, the perimeter has changed.

Intralinks' Chief Marketing Officer Jay Muelhoefer stated it best in a column for Australia's Marketing magazine when he pointed out that workers had historically been accustomed to saving data within the confines of their own enterprise and its own IT infrastructure, where the perimeter was the firewall. But, things are different now he says: "Since the advent of cloud computing, this has changed. In the current totally connected world, the data perimeter now needs to reside within individual documents, rather than within the IT infrastructure. This requires a new data management approach and better solutions for all organizations, in particular their marketing teams."

If you'd like to learn more about secure content collaboration, check out our enterprise collaboration resources.

Jim Romeo

Jim Romeo

Jim Romeo is a journalist based in Chesapeake, Virginia, with a focus on business and technology. He is an engineer by background and education, and has written for numerous publications including SC Magazine, Security Magazine and TechTarget, among others. He is also the author of two books.