CMOs: Mastering Your New Role in Cloud Application Data Protection
Key Concepts Every CMO Should Know – part 2 of a 3 part series
In the first article of this three-part series, cloud application myths were countered with facts. Part 2 of this series covers an introduction for CMOs to key concepts, terminology, and best practices for cloud data protection. In the final part of this series, CMOs and their teams will be able to access a checklist they can use to align their processes with known IT best practices.
Three Key Concepts in Cloud Data Protection for CMOs
Although there are multiple layers of technical and regulatory complexity regarding data protection in the cloud (just ask any CISO), there are three key concepts every CMO should be familiar with regarding cloud application data protection:
- Which people and what systems have access to what data and metadata, and what protocols are in place to manage access and permissions? For instance, can a telemarketing employee see or access customer payment history in CRM data that should be visible only to the Account owner and Finance?
- Change management. Which people and what systems can perform what sorts of changes (overwrite, delete, append, insert/upload, create new fields); and what audit trails are enabled to track what was changed when, and by whom?
- How are data and metadata (dashboards, reports, and even application “look and feel” customizations) archived? Which subsets of these are highly business-critical, how are they being backed up, and how long would it take to restore and restart business processes in the event there’s a data loss incident?
- Regarding accessibility, if for example your organization uses Salesforce, who has Administrator rights and permissions? What oversight processes are in place to manage their access?
- The employee lifecycle can drive change management needs; in the event an employee who uses Salesforce leaves the organization, what processes are in place to check for changes they may have made beyond their normal scope in the weeks before their leaving?
- It’s not enough to recover data (for example, from a tape drive backup or a .csv file) for business continuity. Would it be possible for a Salesforce Admin (just one example) to restore Opportunity history or Support history if the information was overwritten a month earlier by a recently departed employee? How long would it take to restore? Disgruntled employees are an increasing data security concern, according to recent FBI reports.
Even though CMOs and their teams may have ownership of a cloud application, IT has considerable experience in best practices for business continuity, and can be a strong partner in implementing robust data protection protocols. Make sure you align with IT to implement the right processes for accessibility, change management, and restore regarding those marketing applications running in the cloud.
This article is part 2 of a 3-part series:
- Part 1 – CMOs: Mastering Your New Role as Cloud Data Protector
- Part 2 – What Every CMO Should Know about Cloud Application Data Protection
- Part 3 – CMOs: Your Action Plan for Cloud Application Data Protection
For Additional Information:
About the Author:
Lori Witzel – Product Marketing Manager, Spanning Backup
Lori Witzel has lived in Austin, Texas since there were more horned toads than technologists, and has been sharing info with, listening to, and learning from tech users ever since. Prior to Spanning Backup, Lori worked for various early-stage Cloud start-ups, mid-sized middleware providers, and eduducational tech firms, and she’s always eager to learn more. Visit Lori’s profile on Google+