Learn four quick terms to get smart on how your company handles user data
BY: Sara Gentry, Content Editor
We put a ton of trust in the smart-techy people who work at Amazon, Facebook and any other website that acquires, uses and stores our data. In fact, we expect a website to remember who we are, what we like and how we usually pay for it. We also expect our information to be protected—whether that’s paying on a website, joining a mailing list or allowing access to our Facebook account so we can find out which Game of Thrones house we’d belong to.
Making a household purchase is a great example of a high-stakes data submission. When you shop around Amazon, add some items to your wish list and drop two enormous bags of dog food into your cart (in my case, at least), you provide data. Checking out, you might see several ways to pay based on your past transactions because the website saves credit card numbers, as well as billing and mailing addresses. If you’ve had an Amazon account since the early 2000s, your information might be borderline biographic.
As users, we trade this information for convenience because we trust Amazon with data security. The same holds true for your business. When dealing with customer data, it’s critical to protect it—both for legal reasons and to safeguard your brand image.
Data protection is a company’s responsibility. That’s why companies, including yours, hire those aforementioned smart-techy people who understand the threats involved with the transmission and storage of personally identifiable information, aka PII (which I may or may not have read as P2 the first time I saw it). To talk with your smart techs about how your company handles user data, you’ll need to be familiar with these four terms:
Think of a tech heist in an action movie: The good or bad guy broke in to steal the chip, but he can’t read it! The file is encrypted! Good old encryption involves the use of an algorithm to turn plaintext (unencrypted info) into ciphertext (unreadable gobbledygook). You have to input a key to reverse the process. (So, it’s also good to ask how your keys are protected.)
Masking removes certain data fields. Ari Orlinsky, iostudio’s Director of Information Systems, explains it this way: “For example, a record with your first, last, email, phone and address could be masked to only contain first and phone and reduce the amount of PII in the record. It also reduces your ability to report on that data.”
Tokens stand in for data the way poker chips stand in for cash. Ari breaks it down a little further, “Tokenization is where data can be removed and replaced with a token, which allows the original data to be put back in at a later time.”
It sounds fancy and impressive to be able to house and protect huge volumes of user data, but it’s a dangerous and expensive responsibility. Do you really need all that data? Does it retain value, or can you wipe it after they use it? Erasure involves irreversibly overwriting information. It goes beyond basic deletion, making the data unrecoverable.
Data security really depends on two things: data privacy and data protection. While data privacy is mostly up to the user (after all, they could just drive to PetSmart and buy dog food with cash), data protection is your company’s responsibility. When a user allows your company access to their personal data, your company’s automated systems need to kick into gear to manage and safeguard that data.
Protection of user information is critical to build trust in your company’s brand, and by understanding data encryption, data masking, tokenization and erasure, you can have a serious conversation about how. Even with the smart techs.
Need help getting started? Talk with us. We have lots of smart techs.
Sara Gentry is our Content Editor at iostudio. Sara writes and edits style guides, web copy and promotional materials for clients. Her passion for precision began with journalism but carried her into the wild world of content, where she’s written newspaper articles, magazine features and Amazon product descriptions. Sara may be a textbook introvert, but she’ll happily talk for hours about rock ‘n’ roll, travel, and all things Britain, from Jane Austen to Jimmy Page. Her interests are pretty eclectic, but that’s perfect because content is pretty eclectic, too.