Dror Harel Tue Jul 22, 2014

There is a huge opportunity to leverage personalized video to better engage with your customers and create lasting and profitable relationships. However, sharing customer data with your SmartVideo partner can pose a security risk to your organization if not handled properly. Here are our recommendations on how to maintain the utmost level of security while delivering engaging and effective video experiences.

1. Sensitive, confidential and personally identifiable information

Personalizing video communications doesn’t necessarily mean that you have to incorporate confidential information or include sensitive elements such as PII (personally identifiable information), PCI data (payment card industry) or even PHI (protected health information) to be successful. Personalization is all about contextual relevance, and often this can be achieved without confidential or PII/PCI/PHI!

If you need to include confidential or personally identifiable information in your smart videos, then it is recommended you choose a vendor with a SOC2 certification. (Ahem…) Alternately, if you need to include PII in your smart videos, then you can incorporate additional levels of security to protect access to the video and the data used to create it. While the security measures associated with including this information in a video might limit your total number of video views, as potential viewers will need to take extra steps to view the video such as logging into a portal or another authenticated space and might limit the video’s return on investment, those are necessary steps to protect your customers’ information.

2. Robust and reputable customer base

You can often judge a personalized video partner by its customer base. Smart video experts will have a large customer base spanning multiple verticals, phases of the lifecycle and touch points. These types of vendors will understand the nuances and intricacies of your industry and business, and advise on appropriate ways to protect your customer data.

Ask potential partners and vendors about the due diligence processes and InfoSec reviews they’ve worked through to date. Smart video companies that can point to a customer base with multiple security review examples should be able to provide you with a robust and secure solution.

3. Processes, accreditations and certifications

Look for a partner with enterprise processes in place to ensure that data is secure and the service is reliable. It is critical that your smart video provider has an Information Classification, Information Security Policy, Data Center Security Policy, a Disaster Recovery Plan and a Business Continuity Plan in place.

Ask your smart video partner to provide proof of various certifications such as SOC2 or ISO27001. These certifications will ensure that the processes in the aforementioned documents are properly defined and actually being followed during business operations.

4. Storage-less solution

Arguably the most important trait of a safe, a secure smart video provider is one that never stores your business data. Storage-less vendors pull real-time data to generate a smart video at the moment a viewer clicks play, and do not keep that data post the video consumption. This solution provides the most scalability and security from a business perspective while providing the most up-to-date and relevant content from a viewer perspective.

What do you think? What other customer privacy and security questions have you had or wanted to ask when researching smart video partners? Ask away in the comments section below.

Leave a Reply