CDOPro Breaking News in Tech, Search, Social, & Business
Mon, 14 Oct 2024 14:19:11 +0000

Inside Yum! Brands’ Data Revolution: How CDO Cameron Davies is Transforming Customer Experiences Globally
Fri, 11 Oct 2024 18:10:44 +0000

Yum! Brands, home to renowned restaurant chains such as Taco Bell, Pizza Hut, KFC, and Habit Burger, is the world’s largest restaurant company. With a presence in 155 countries and more than 50,000 locations, managing and optimizing customer data is critical to their ability to serve millions of customers each day. At the helm of this data-driven revolution is Cameron Davies, Chief Data Officer (CDO) at Yum! Brands, who has been instrumental in transforming the company’s approach to data. In a recent conversation, Davies shared a deep dive into the company’s evolving customer data strategy, emphasizing the role of first-party data, the importance of technology partnerships, and how the company is positioning itself for the future.

The Strategic Role of Data in Global Operations

Yum! Brands’ data strategy is not just about marketing or customer engagement—it underpins the entire operational infrastructure of the business. Davies explains, “We look at data from three fundamental perspectives: easy operations, easy experiences, and easy intelligence. The goal is to use data to simplify and improve everything from supply chain management to customer interactions.”

The concept of “easy operations” is critical for a global company like Yum! Brands. Davies elaborates that his team is responsible for helping restaurant operators make data-driven decisions on a day-to-day basis. “We’re leveraging AI and machine learning to determine everything from how much food we should order, to how fast we should cook it, and even how much we should cook in real-time,” he says. This granular use of data has significant implications for reducing waste, improving service speed, and ensuring consistency across thousands of locations worldwide.

The “easy experiences” pillar focuses on how Yum! Brands can use data to improve customer journeys. “Are we remembering your preferences? Are we getting you relevant offers that resonate with your tastes? Are we ensuring that these experiences translate when you move from a digital platform to a physical restaurant?” asks Davies. He stresses that data is at the core of creating seamless, omnichannel experiences for customers, especially as consumer expectations for personalization continue to rise. For Davies, this is where data becomes truly transformational, enabling the company to deliver on the promise of a more connected, convenient, and personalized dining experience.

“Data is not just about operational efficiencies; it’s about enhancing the experience for both the customer and our employees in the restaurants,” says Davies. “The intelligence we derive from our data allows us to anticipate needs, personalize offers, and ultimately, build deeper relationships with our customers.”

First-Party Data: Unlocking a Valuable Resource

Yum! Brands’ journey into data transformation began with a realization about the value of its first-party data. “When you start asking yourself, ‘How much first-party data do we actually have?’ you go in, look, and say, ‘Holy smokes!’” Davies recalls. The amount of customer data across the company’s four major brands—Taco Bell, Pizza Hut, KFC, and Habit Burger—was staggering. This data was not just vast but also unique in its potential to deliver actionable insights.

“Think about it,” says Davies, “when someone orders a pizza, they’re willing to give us a lot of personal information if it means getting their pizza delivered on time and hot. There’s a natural value exchange in our business that is not as prevalent in other industries.” This direct interaction with customers has allowed Yum! Brands to accumulate a treasure trove of data, from purchase histories to location preferences, all of which can be used to enhance customer experiences.

Yet, having access to first-party data is only part of the equation. The challenge, as Davies points out, lies in effectively using that data. “From an operations perspective, we’ve been doing pretty well. But from a forward-thinking, one-to-one digital marketing perspective, we realized that we were not leveraging our data as effectively as we could be,” he admits. This gap between data collection and data activation spurred Yum! Brands to embark on a journey of transformation, focused on optimizing the way it uses customer data to drive personalized marketing and operational efficiencies.

Choosing the Right Customer Data Platform (CDP)

For any enterprise-level organization, choosing the right Customer Data Platform (CDP) is a pivotal decision. It was no different for Yum! Brands, which undertook a rigorous process to select a partner that could meet its unique requirements. “When we started looking for a CDP, it wasn’t just about commercials or functionality. It was about finding a partner who could go on this journey with us,” says Davies. The right CDP partner, according to Davies, is not just a vendor but an extension of the organization’s data strategy, one that can adapt and grow alongside the business.

This philosophy of partnership led Yum! Brands to select Treasure Data as its CDP provider. “There were a lot of good companies out there, but we were looking for something more than just a product. We wanted a partner who understood the complexities of working in a franchisee environment and who could collaborate with us in a meaningful way,” Davies notes. The ability to work closely with franchisees is crucial for Yum! Brands, as the company operates on a decentralized model where individual franchisees often have different needs and challenges. “At Yum! Brands, we like to use the term ‘taking people with you,’ because we can’t just dictate solutions from the top down. We have to bring our franchisees along on the journey,” says Davies.

This approach to collaboration was essential in the decision-making process. Davies emphasizes that the partnership with Treasure Data has allowed Yum! Brands to maintain flexibility while pursuing its long-term goals. “We’ve had to flex, but that’s what a journey is all about—it’s never a straight line. We need partners who are willing to adapt as we move forward,” he explains. This adaptability is particularly important in an environment as dynamic as the restaurant industry, where consumer behaviors can shift rapidly, and operational demands can vary widely by region.

Navigating the Complexities of a Global Franchise

One of the most unique aspects of Yum! Brands’ data strategy is its global franchise model, which introduces an additional layer of complexity when it comes to data integration and utilization. “Operating in a franchisee environment is fundamentally different from a corporate-owned model,” says Davies. “You don’t just implement changes overnight. You have to bring your franchisees along on the journey, helping them see the value of the new data tools and platforms.”

For Davies and his team, this means constant collaboration, both internally and with external partners like Treasure Data. “We call it ‘taking people with you’ because it’s about moving everyone in the same direction. I can’t tell a franchisee to do something—they have to want to do it themselves,” he explains. This collaborative approach has been essential in aligning the company’s broader data strategy with the needs and priorities of individual franchisees.

Davies notes that one of the keys to making this model work is clear communication and flexibility. “It’s not about dictating a solution; it’s about listening, adjusting, and making sure that the strategy we’re implementing works for everyone,” he says. This decentralized approach to data management allows Yum! Brands to be both agile and responsive, ensuring that its data strategy is adaptable to the unique challenges of each market and franchise.

A Data-Driven Transformation

As Yum! Brands continues to build out its customer data strategy, Davies is optimistic about the future. “We’ve come a long way, but there’s still so much potential to unlock,” he says. The company’s focus on first-party data, combined with its commitment to collaboration and innovation, positions it as a leader in the restaurant industry’s digital transformation. “We’ve got some really good data,” says Davies. “Now it’s about using it effectively to deliver on our customer promise and to create better, more personalized experiences for each of our customers.”

For Chief Data Officers at enterprise organizations, Yum! Brands’ journey offers valuable lessons in how to approach data transformation at scale. From the importance of choosing the right technology partners to navigating the complexities of a franchise model, Yum! Brands is demonstrating how a thoughtful, data-driven strategy can drive both operational efficiencies and enhanced customer experiences.

As Davies puts it, “This isn’t just about technology; it’s about leadership. It’s about taking people with you, understanding their needs, and building a strategy that works for everyone.” For Yum! Brands, the journey has only just begun, but with a clear focus on collaboration and customer experience, the company is well-positioned to continue leading the way in the evolving world of data-driven business.

Rifi’s Groundbreaking Approach to Data Observability and Rapid Issue Detection
Sat, 06 Jul 2024 11:17:18 +0000

In today’s fast-paced digital landscape, harnessing and understanding data is paramount for success. Enter Rifi, a company at the forefront of data observability and rapid issue detection. In a recent episode of “Taking Stock,” a reporter sat down with Rifi’s CEO, Sanjay Agrawal, to delve into the innovative features and user experiences that set Rifi apart in the world of data operations.

Rifi’s platform, housed in the cloud, empowers data teams to stay ahead of the curve by offering unparalleled visibility into their operations. Sanjay highlights two key features that define Rifi’s offering. Firstly, the platform helps teams manage their budgets effectively, ensuring they don’t exceed allocations for cloud services like Snowflake or BigQuery. This proactive approach to cost management saves money and fosters trust within organizations, as data flows smoothly and reliably.

Secondly, Rifi prioritizes the time of data teams, recognizing that efficiency is crucial for building trust and making informed decisions. Sanjay notes that Rifi has enabled some customers to drastically reduce escalations from data teams to their businesses, a testament to the platform’s ability to streamline operations and increase productivity.

One of Rifi’s standout success stories involves a public company with a $10 billion market cap. Within just three weeks of implementing Rifi’s solution on BigQuery, the company noticed a significant increase in failed jobs, indicating issues with data accessibility. Instead of resorting to the traditional approach of requesting more resources, Rifi’s platform enabled the company to identify the root cause of the problem quickly: certain user and query patterns consuming excessive capacity. By addressing these issues promptly, the company was able to free up nearly a quarter-million dollars worth of capacity, demonstrating the tangible impact of Rifi’s technology on the bottom line.

When asked about Rifi’s approach to innovation, Sanjay emphasizes the company’s commitment to listening to its customers. With clients spanning various industries, including public, healthcare, finance, and startups, Rifi understands the diverse needs and challenges facing data teams today. By staying attuned to customer feedback and continuously iterating on its platform, Rifi ensures that it remains at the forefront of innovation, delivering solutions that meet the dynamic demands of the modern tech landscape.

In conclusion, Rifi’s groundbreaking approach to data observability and rapid issue detection is revolutionizing the way organizations harness and leverage their data. By combining cutting-edge technology with a customer-centric approach, Rifi empowers data teams to navigate the complexities of today’s digital world with confidence and agility.

US Agencies Request the Most User Data From Big Tech, Apple Complies the Most
Thu, 04 Jul 2024 17:07:05 +0000

Americans concerned about their user data falling into the hands of foreign governments may want to look closer to home.

According to new research by VPN provider Surfshark, the US government makes more requests for user data from Big Tech companies than any other jurisdiction in the world. The company analyzed data requests to Apple, Google, Meta, and Microsoft by “government agencies of 177 countries between 2013 and 2021.”

The US came in first with 2,451,077 account requests, more than four times the number of Germany, the number two country on the list. In fact, the US made more requests than all of Europe, including the UK, which collectively came in under 2 million.

While the US and EU were responsible for a combined total of 60% of all data requests, the US “made 8 times more requests than the global average (87.9/100k).”

The number of accounts being accessed is also growing, with a five-times increase in requests from 2013 to 2021. The US alone saw a 348% increase during the time frame, and the scope and purpose of the requests are expanding.

“Besides requesting data from technology companies, authorities are now exploring more ways to monitor and tackle crime through online services. For instance, the EU is considering a regulation that would require internet service providers to detect, report, and remove abuse-related content,” says Gabriele Kaveckyte, Privacy Counsel at Surfshark. “On one hand, introducing such new measures could help solve serious criminal cases, but civil society organizations expressed their concerns of encouraging surveillance techniques which may later be used, for example, to track down political rivals.”

The report also sheds light on which companies comply the most versus which ones push back against requests. For all of its privacy-oriented marketing — “what happens on your iPhone stays on your iPhone” — Apple complies with data requests more than any other company, handing it over 82% of the time.

In contrast, Meta complies 72% of the time, and Google does 71% of the time. Microsoft, on the other hand, pushes back the most among Big Tech companies, only handing data over 68% of the time.

The findings may also put a dent in US efforts to ban TikTok and other foreign apps under the guise of protecting user privacy and data.

One-Third of Organizations Struggle With Data Loss Prevention Systems
Tue, 02 Jul 2024 01:58:08 +0000

The Cloud Security Alliance (CSA) has bad news for the industry, saying that nearly one-third of organizations struggle with data loss prevention (DLP) systems.

The CSA is an organization dedicated to helping secure cloud computing. A survey the organization conducted with Netskope found that DLP solutions are a critical component used in cloud security.

Unfortunately, that’s where the good news ends. While companies are relying on DLP systems, nearly a third struggle to use them effectively.

Among the top challenges cited by organizations are management difficulties (29%), too many false positives (19%), the need for manual version upgrades (18%), and deployment complexity (15%).

“DLP solutions are an integral part of organizations’ data security strategy, but leaders are still struggling with this strategy and the implementation of solutions, especially for how complicated legacy and on-prem based solutions are to manage and maintain,” said Naveen Palavalli, Vice President of Products, Netskope. “These findings highlight the need for a comprehensive and easy-to-use cloud delivered data protection solution that integrates into their existing security controls and is a key tenant of their Zero Trust security strategy.”

Cloud security is increasingly in the spotlight as more and more organizations experience data breaches at a time when the cloud is becoming integral to more companies and industries.

The Biden administration has signaled it is preparing to regulate cloud security in an effort to better protect organizations. If the CSA’s findings are any indication, it looks like the industry could use the help.

How To Overcome Data Compliance Issues in Enterprise Environments
Fri, 09 Feb 2024 19:05:52 +0000

All enterprises now know the power that lies in data-driven decision-making. The ability to accurately predict future trends, understand historical data, and act based on pure statistics rather than a hunch has empowered businesses to act smarter, faster, and with more precision. It’s no wonder that, with all these benefits, data has become a resource that all businesses work to capture, process, and extrapolate for their own benefits.

The global big data and analytics market is expanding every year, currently sitting just below $300 billion USD. Yet, just having access to the data architecture that enables you to collect and process data doesn’t mean that a business does so in an efficient or compliant way. Data compliance is one of the leading issues in modern business, with the fast scaling required by some businesses leading them to bad data management habits.

In order to store and utilize huge quantities of data, businesses need to take an active and proactive approach to data compliance. In this article, we’ll dive into the core issues that businesses encounter with compliance and point toward leading strategies to fix them. 

Let’s dive right in.

What Is Data Compliance?

Data compliance is an intersectional field that balances between operational data use and legal requirements. When using data, especially for analytics or business operations, it’s important to establish clear guidelines about how you are using that data and how you protect it. Data privacy, availability, and integrity are all considerations in data compliance.

Another pillar of compliance that is important to recognize is that, depending on the region that your business operates from, you may also have regulatory compliance issues to overcome. For example, Europe has strict privacy laws when it comes to handling customer data, which you must comply with or face fines.

Data compliance protects both your company and your customers, keeping all of your data, your customer data, and your private records safe. As the rising cyber threat continues to focus on the enterprise sector, expert control of data compliance and privacy is more needed than ever before.

How To Streamline Data Compliance

Data compliance may seem staggeringly complex at first glance, but is really only a representation of the very best laws, ideas, and data protection strategies to keep your business safe. As a deeply methodical process, it’s a good idea to get started with data compliance from day one.

There are a number of ways you can streamline data compliance in your organization.

Establish a Workflow

The single biggest factor that will lead to breaches in data compliance is your own employees. If they don’t know how to stay on the side of compliance, you’ve probably not made your processes obvious enough for them.

Be sure to establish a comprehensive workflow of how you should handle data when it enters your business. Create detailed guides about the use and distribution of data that you then teach to all new employees during their onboarding.

Every staff member should understand the importance of data compliance, what it means, and how to use data in a compliant manner.

Audit, Audit, Audit

Even for businesses that already have comprehensive data compliance workflows and frameworks set out, it’s a good idea to audit your business frequently. Not only does a regular audit ensure that all of your processes are being upheld and followed to the correct standard, but it also helps to create a permanent record of your work.

Audit Trails are required by many regulatory bodies, with proof of your regular system audits and the systems logged in the process acting as evidence in this regard. Depending on your geographical location, the specific audit laws you have to work to may vary. Some states in the USA are much more strict than others.

To err on the side of caution, we recommend that you audit your internal processes at least once a year. However, if you’ve experienced a data breach or are incorporating new data technologies, then you should conduct an audit much more frequently.

Automate Where Possible

Once you have a data governance scheme in place, you’re now in a position to automate much of the initial contact points with data. There are numerous data compliance automation tools and strategies that you can put to use. Not only do these save tremendous amounts of time, especially those that focus on granular data monitoring, but they will also save your business capital in the long run.

There are several areas where you can use automation to streamline the data compliance process:

  • Incident Management – Around 40% of all businesses will experience a data disaster event at least once a year. This staggeringly high figure reminds us that creating an incident management system will allow you to respond to any events much more rapidly.
  • Recovery and Backup – One core area that you can optimize with automation is any recovery and backup processes. When creating a catalog of historical data, it’s always a good idea to create failsafe backup systems. If needed, you can use these backups to revert to an earlier version of your data systems before a compliance breach occurred.
  • Schema and Management – Once you have a specific schema of data that you want to collect, you can then create safeguards that flag any data that does not strictly follow this format. Any breaches or inconsistencies will alert a developer, allowing them to take a look at any strange data instead of monitoring every single dataset that you ingest.

The ability to successfully automate aspects of data compliance will only grow in the coming years. With advancements in AI, ML, and other emerging technologies, we’ll be able to spend more time focusing on the mission-critical aspects of compliance and less on the day-to-day monotonous tasks.

Final Thoughts

The importance of the use of data cannot be overstated. As a leading tool that guides us toward better strategies, more effective use of resources, and more precise future planning, data is essential in modern business. Yet, without a comprehensive understanding of data compliance, businesses are unable to make the most of the data they have at their disposal.

By investigating your current data practices, including how you store and interact with data in your cloud data warehouse, businesses will be ready to take a more effective position on data compliance. By utilizing the strategies, examples, and systems we’ve suggested in this article, you’ll be able to construct a rigorous compliance program that secures your data while passing regulations.

Oracle Has a ‘Cloud-First’ Problem As Rivals Threaten Its Database Dominance
Thu, 08 Feb 2024 20:13:52 +0000

Oracle may be the undisputed king of the database market, but cloud-first rivals are threatening that dominance with cheaper, more flexible options.

Oracle has long been the dominant player in the database market. Even as the cloud has grown in importance, Oracle has managed to carve out a meaningful share of the market, thanks in large part to the strength of its database platform. Many customers see it as a full turn-key solution, combining the cloud and database solutions necessary. In spite of that, according to a report by Bloomberg, Oracle’s database dominance may be under threat from cloud-first rivals.

Bloomberg cites the example of Shutterfly, which recently made the decision to move its database to the cloud. Despite relying on Oracle for years, the company decided to go in a different direction with the transition.

“The amount of time and energy that was consumed purely running just the plumbing was immense,” Chief Technology Officer Moudy Elbayadi said in an interview. A review of the existing options on the market led Shutterfly to conclude that Oracle’s solutions didn’t “fit our desires to have that level of openness and flexibility,” Elbayadi added.

Unfortunately for Oracle, Shutterfly isn’t an isolated example. JPMorgan, Nasdaq Inc, JetBlue Airways Corp, and Automatic Data Processing Inc are among the companies transitioning to non-Oracle options.

“We have actually quite rapidly been reducing our Oracle footprint,” said Nikolai Larbalestier, Nasdaq’s senior vice president of cloud strategy and enterprise architecture. “There are plenty of good alternatives today.”

Part of the problem stems from the complexity involved in running Oracle’s database and the cost to the client company of doing so. Mythical Games CEO John Linden emphasized the issue, despite his firm being valued at $1.2 billion.

“Oracle hits us up every week,” he said. But “we’d have to have a massive team in place to run it appropriately.”

Just as significant, Oracle’s tools seem to be developing a reputation for not being up to par with the latest developments, making the prospect of working with them unappealing to many developers.

“I can’t even hire people if I told them that we majorly use Oracle,” Yao Morin, chief data officer at JLL Technologies, told Bloomberg. “People are yearning for better tools.”

To be clear, Oracle is still the company to beat in the database market, especially among companies that want on-premise database solutions. Nonetheless, the company clearly has some significant areas it needs to improve on if it wants to remain relevant in the coming years. Otherwise, it may find itself in the same situation as IBM when personal computers replaced mainframes — the undisputed leader of a niche market.

Microsoft and Oracle Partner to Launch Oracle Database@Azure
Tue, 06 Feb 2024 02:39:40 +0000

Microsoft and Oracle have partnered to bring “Oracle database services running on Oracle Cloud Infrastructure (OCI)” to Azure datacenters.

Microsoft and Oracle are two of the leading cloud providers, although both companies lag behind market leader AWS. The two companies are teaming up to give customers the ability to run OCI on Azure servers.

“We have a real opportunity to help organizations bring their mission-critical applications to the cloud so they can transform every part of their business with this next generation of AI,” said Satya Nadella, Chairman and CEO, Microsoft. “Our expanded partnership with Oracle will make Microsoft Azure the only other cloud provider to run Oracle’s database services and help our customers unlock a new wave of cloud-powered innovation.”

“Most customers already use multiple clouds,” said Larry Ellison, Oracle Chairman and CTO. “Microsoft and Oracle have been working together to make it easy for those customers to seamlessly connect Azure Services with the very latest Oracle Database technology. By collocating Oracle Exadata hardware in Azure datacenters, customers will experience the best possible database and network performance. We are proud to partner with Microsoft to deliver this best-in-class capability to customers.”

The partnership is a win for both companies. Oracle, the king of database products, has lost customers who have migrated to competitors’ cloud offerings. By partnering with the second-largest cloud provider, Oracle offers customers a viable cloud migration path that keeps them using the company’s database products.

At the same time, Microsoft benefits by being the only other cloud provider to offer Oracle Cloud Infrastructure Database Services, setting it up to be a preferred option for Oracle customers looking to migrate to a more widely used cloud platform.

The significance of the partnership was not lost on the two tech leaders.

“It’s actually my first time in Redmond. It’s hard to believe,” Ellison said. “I waited until very late in my career to make the trip.”

“It took us 45 years, but here we are!” Nadella added.

Dollar Tree Data Breach Impacts Millions
Thu, 30 Nov 2023 02:58:43 +0000

Dollar Tree revealed it is the victim of a data breach, one impacting some two million individuals.

According to BleepingComputer, the store chain says 1,977,486 people were impacted as a result of its service provider, Zeroed-In Technologies, being hacked. The Zeroed-In incident occurred August 7 and 8, 2023.

BleepingComputer says the Zeroed-In hackers were able to obtain private information for Dollar Tree and Family Dollar employees.

“While the investigation was able to determine that these systems were accessed, it was not able to confirm all of the specific files that were accessed or taken by the unauthorized actor,” reads a letter sent to those impacted.

“Therefore, Zeroed-In conducted a review of the contents of the systems to determine what information was present at the time of the incident and to whom the information relates.”

94% of CDOs See Privacy Technology Leading to Increased Revenue
Sun, 26 Nov 2023 01:04:48 +0000

While many companies have built businesses profiting on consumer data, 94% of CDOs see a prime opportunity in privacy tech.

TripleBlind conducted a survey of 150 chief data officers (CDOs), as well as other executives in the healthcare and financial services industries. Interestingly, some 94% believe that deploying data privacy tech will lead to increased revenue for their organizations, especially tech that enforces privacy regulations. In addition, 37% believe improved collaboration could increase revenue up to 20%, while 46% believe they could gain a competitive advantage through increased data collaboration.

TripleBlind’s survey also shed light on exactly what CDOs are concerned about.

  • 64% are concerned that employees at partner organizations may not abide by legal agreements regarding the use of data.
  • 60% are concerned that employees at partner organizations will violate HIPAA laws and/or privacy regulations.
  • 60% are concerned that privacy-enhancing technology (PET) used by partner organizations may modify data in a way that hinders analysis.

“There is strong agreement that optimizing effective data collaboration through advanced PET solutions will result in both increased revenues and enhanced competitive advantage,” said Riddhiman Das, TripleBlind’s Co-founder and CEO. “Today, advanced PET solutions exist that render legal agreements obsolete and prevent people at both the data user and data owner from using data in a way that violates HIPAA and other data privacy regulations or modifies data in a way that results in inaccurate analyses.”

The findings stand in stark contradiction to some companies’ claim that stricter privacy standards will lead to increased costs and decreased profits.

Salesforce Community Sites Are Leaking Private Data
Mon, 20 Nov 2023 19:48:26 +0000

A configuration issue is causing Salesforce Community sites, including those of banks and healthcare companies, to leak data.

KrebsOnSecurity first reported on an issue that was discovered by security researcher Charan Akiri, who wrote a program to find vulnerable Salesforce sites.

Salesforce Community is a product that makes it easy for companies to set up a website. As Krebs points out, websites can be set up to require authentication or allow guest access. In many cases, however, administrators are mistakenly giving guest users access to information that should require authorization.

“My team is frustrated by the permissive nature of the platform,” said Scott Carbee, Vermont’s Chief Information Security Officer.

Carbee says the pandemic, and the hurried nature of suddenly setting up a plethora of online services, exacerbated the problem.

“During the pandemic, we were largely standing up tons of applications, and let’s just say a lot of them didn’t have the full benefit of our dev/ops process,” Carbee said. “In our case, we didn’t have any native Salesforce developers when we had to suddenly stand up all these sites.”

Unfortunately, Vermont is not alone in dealing with the issue. Akiri told Krebs that he found hundreds of organizations with misconfigured Salesforce Community sites that were leaking data. That number is by no means the full scope of the problem, as Akiri has been reluctant to delve further as a result of the response he has received.

“In January and February 2023, I contacted government organizations and several companies, but I did not receive any response from these organizations,” Akiri said. “To address the issue further, I reached out to several CISOs on LinkedIn and Twitter. As a result, five companies eventually fixed the problem. Unfortunately, I did not receive any responses from government organizations.”

Salesforce says the issue is not a vulnerability but the result of a misconfiguration.

“As previously communicated to all Experience Site and Sites customers, we recommend utilizing the Guest User Access Report Package to assist in reviewing access control permissions for unauthenticated users,” reads a Salesforce advisory that was released in September 2022. “Additionally, we suggest reviewing the following Help article, Best Practices and Considerations When Configuring the Guest User Profile.”

Administrators responsible for Salesforce Community sites should read Krebs’ report in its entirety and ensure their sites are configured properly.

Maine Government Data Breach Impacts 1.3 Million

Fri, 10 Nov 2023 17:15:41 +0000

The State of Maine has disclosed it suffered a MOVEit data breach, one that has impacted some 1.3 million individuals.

Maine’s government revealed the breach on its website:

On May 31, 2023, the State of Maine became aware of a software vulnerability in MOVEit, a third-party file transfer tool owned by Progress Software and used by thousands of entities worldwide to send and receive data. The software vulnerability was exploited by a group of cybercriminals and allowed them to access and download files belonging to certain agencies in the State of Maine between May 28, 2023, and May 29, 2023.

Importantly, as it pertains to the State, this incident was specific and limited to Maine’s MOVEit server and did not impact any other State networks or systems.

Maine says the type of information that was accessed varies from person to person:

The State of Maine has determined that this incident has impacted approximately 1.3 million individuals, with the type of data affected differing from person to person. The State encourages individuals to reach out to its dedicated call center to verify if they were affected and, if so, to identify what specific data of theirs was involved.

The State of Maine may hold information about individuals for various reasons, such as residency, employment, or interaction with a state agency. The State also engages in data sharing agreements with other organizations to enhance the services it provides to its residents and the public.

The specific information involved in this incident varies based on the individual and their association with the State. However, the following types of information may have been involved: name, Social Security number (SSN), date of birth, driver’s license/state identification number, and taxpayer identification number. In addition, for some individuals, certain types of medical information and health insurance information may be involved.

The state is providing resources to help users know if they were impacted and take steps to protect themselves:

Individuals are encouraged to contact Maine’s dedicated call center to find out if their data was involved or if they have questions about this incident. The phone number is (877) 618-3659, with representatives available from Monday to Friday, 9 AM to 9 PM ET. If it is determined that an individual’s Social Security number or taxpayer identification number is involved, the call center will provide the individual with a complimentary credit monitoring code.

Individuals who receive a code for credit monitoring may enroll in the services by calling (866) 622-9303. Representatives are there to assist you from Monday to Friday, 8 AM to 11 PM ET, and on Saturday from 9 AM to 6 PM ET.

T-Mobile App Showed Customers Each Other’s Data

Thu, 09 Nov 2023 13:00:00 +0000

T-Mobile customers were treated to seeing each other’s data, as the T-Mobile app leaked billing information across customers.

According to The Mobile Report, T-Mobile customers logging into the app were shown billing information for other customers. After initial reports started showing up, some feared the issue might be the result of yet another data breach.

Fortunately, T-Mobile provided a statement to The Mobile Report saying a data breach was not the cause:

There was no cyberattack or breach at T-Mobile. This was a temporary system glitch related to a planned overnight technology update involving limited account information for fewer than 100 customers, which was quickly resolved.

While the clarification is certainly reassuring, the incident is still a massive privacy issue.

Microsoft Fixes Excel’s Automatic Data Conversion

Tue, 24 Oct 2023 11:00:00 +0000

Microsoft has fixed Excel’s Automatic Data Conversion, addressing an issue that impacted the scientific community.

According to The Verge, previous versions of Excel mangled the alphanumeric symbols scientists used to represent gene sequences. Excel would try to convert the symbols into dates.

Microsoft says it has fixed the issue in an upcoming release, giving users the ability to turn off the feature:

Tips and Tricks

  • You can enable or disable the following options:
    • Remove leading zeros from numerical text and convert to a number.
    • Truncate numerical data to 15 digits of precision and convert to a number that may be displayed in scientific notation, if needed.
    • Convert numerical data surrounding the letter “E” to a number displayed in scientific notation.
    • Convert a continuous string of letters and numbers to a date.
  • When you select the “When loading a .csv file or similar file, notify me of any automatic number conversions” check box, Excel displays a warning message when it detects that at least one of the optional automatic data conversions is enabled and about to occur when opening a .csv or .txt file. The message gives the ability to open the file once without converting the data.

The change should be a welcome improvement for scientists.

D-Link Announces Data Breach As a Result of a Phishing Attack

Sun, 22 Oct 2023 18:19:03 +0000

D-Link Corporation has announced a data breach that resulted from an employee falling victim to a phishing attack.

Reports began circulating via online forums that D-Link had suffered an attack, prompting the company to investigate. According to the company’s findings, the reports online were exaggerated and filled with half-truths.

D-Link has now issued a statement, outlining the extent of the attack:

The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached its end of life as early as 2015. The data was used for registration purposes back then. So far, no evidence suggests the archaic data contained any user IDs or financial information. However, some low-sensitivity and semi-public information, such as contact names or office email addresses, were indicated.

The incident is believed to have been triggered by an employee unintentionally falling victim to a phishing attack, resulting in unauthorized access to long-unused and outdated data. Despite the company’s systems meeting the information security standards of that era, it profoundly regrets this occurrence. D-Link is fully dedicated to addressing this incident and implementing measures to enhance the security of its business operations. After the incident, the company promptly terminated the services of the test lab and conducted a thorough review of the access control. Further steps will continue to be taken as necessary to safeguard the rights of all users in the future.

The company reiterated that it believes most customers are unaffected by the breach:

The post claimed to have millions of user data. Based on the investigations, however, it only contained approximately 700 outdated and fragmented records that had been inactive for at least seven years. These records originated from a product registration system that reached its end of life in 2015. Furthermore, the majority of the data consisted of low-sensitivity and semi-public information.

Judging by the facts, we have good reasons to believe that most of D-Link’s current customers are unlikely to be affected by this incident.

Casio Data Breach Exposes Customer Data In 149 Countries

Fri, 20 Oct 2023 11:49:46 +0000

Casio has suffered a major data breach, with bad actors making off with customer data from Japan and 148 additional countries.

According to an apology letter the company posted online, hackers breached the “development environment for ‘,’ a web application managed and operated by Casio.” The issue stemmed from network security settings being disabled due to “operational error.”

The company listed the personal information that was accessed:

(1) customer name; (2) customer email address; (3) country/region of residence; (4) purchasing information (order details, payment method, license code, etc.); (5) service usage information (log data, nicknames, etc.)

All told, data from customers in 149 countries was accessed:

Customers in Japan

91,921 items belonging to customers, including individuals and 1,108 educational institution customers

Customers outside Japan

35,049 items belonging to customers from 148 countries and regions

Casio says it will contact impacted customers and apologized for the issue:

Casio will strengthen technical safety management by implementing security enhancement measures for network routes and databases. In terms of operational management, Casio will implement thorough safety management measures, including reviewing security operational rules and continuing employee training on security measures.

Once again, Casio deeply apologizes for the great inconvenience and concern this incident causes our customers and everyone involved.

5 Questions on the Impact of Data Sovereignty on Digital Marketing

Sun, 15 Oct 2023 16:23:29 +0000

Different kinds of digital devices and apps produce tons of data, from usage stats to security alerts and multimedia content that device users generate. This data has value to various interested parties, including those involved in digital marketing, business strategizing, espionage, and cybercrimes. That’s why aside from securing data, there are also calls for governments to intervene and prevent their citizens’ data from being stored and processed outside national boundaries.

Referred to as data sovereignty, this is the idea that data should be under the control of its users (through their government). For example, American policymakers want to make sure that the data of TikTok users in the USA is stored and processed in data servers located in the US, putting them under American regulation, away from foreign government access and exposure to threats (because of poor data protection regulations and technologies).

This may make sense, but it also creates new challenges for those that collect, store, and use the data. There are benefits in tightening regulations on data storage and access, but there are also valid concerns over them, especially when taking into account the disruption these regulations bring. Here are the answers to some of the most important questions about data sovereignty, especially as it relates to digital marketing.

How does data sovereignty affect cross-country digital marketing?

The main goal of data sovereignty is to empower governments to have jurisdiction over the data of their citizens. This jurisdiction is aimed at addressing critical concerns like privacy, cybersecurity, and data misuse or abuse. It is a controversial move, but it has been gaining ground in many countries because of the increasing cases of state-backed data security and privacy violations, growing nationalist sentiments, and the economic benefits of having data stored locally.

Data sovereignty policies do not necessarily disregard cross-country digital marketing. They make the process more complicated, though. Instead of having straightforward access to data from an overseas or cross-border location, marketers will have to set up new layers of operations to comply with local laws. Facebook, for example, cannot process the data of its EU users in real time to guide its advertising strategies because of a recent EU court ruling that prevents Meta from transmitting the data of EU citizens to US or non-EU servers in line with Article 46(1) of GDPR.

This restriction does not prevent Meta from conducting marketing or advertising activities in Europe, but the company has to have its EU team or subsidiary perform the data accumulation and analysis per the region’s laws. The output would then be transmitted to Meta’s headquarters for the corresponding action. Another option is for Meta to also establish an independent or autonomous operation in the EU to more agilely respond to local data and trends. This means more costs and longer processes.

Does data sovereignty prohibit the storage and processing of data outside of the country of origin?

Data sovereignty does not necessarily mean the absolute prevention of the storage and processing of data outside the country of origin. Some companies may be able to cut deals with governments to allow cross-border data transfers. Still, this affects the agility and scalability of multinational digital marketing campaigns. It is a significant hurdle to the activities of companies that operate multi-nationally. It prevents the seamless movement of data across different jurisdictions, thus restricting the ability to personalize marketing campaigns and target specific audiences.

Data sovereignty has similarities with data localization but they are not always the same. The thrust of the former is about having control over the data generated within a country or jurisdiction. The latter focuses on setting requirements to have certain types of data stored and processed within a specific country or jurisdiction. These data may not always be generated within the country of the government imposing the localization requirement, but they usually involve the citizens of the said government.

How much data is affected by data sovereignty?

An Oliver Wyman study shows that around 92 percent of the data in the Western world is stored in the United States. These are mostly data collected by tech companies, social media, and subscription services in particular. For the longest time, American companies have enjoyed the benefits of quick access to data, allowing them to come up with informed business strategies and decisions quickly and efficiently.

The popularity of American digital services in Asia, Africa, South America, and other non-western regions shows the data advantage of many American companies. With many governments now showing keenness to have data sovereignty laws, this advantage is quickly eroding.

However, this means that local companies or subsidiaries of multinational digital marketing businesses are getting a boost. They are becoming more relevant as companies need them to comply with data sovereignty, localization, and residency policies. This bodes well for local economies, as it forces businesses to use local servers and have local operations for data processing.

Does data sovereignty make data safer and less prone to abuse?

One of the main arguments in favor of data sovereignty and localization is security. For the proponents, their data is safer if it is in their territory and covered by their laws. There have been many complaints about multinational companies abusing the information about consumers in different parts of the world, with some accused of bombarding consumers with incessant ads across different channels. Others have also been accused of selling data to third parties.

For the most part, data sovereignty does make data less accessible to abusers and threat actors. However, this benefit is limited to the kind of laws or policies a country imposes. Requiring companies to store data locally is not enough. There must be existing laws that ensure privacy and make access to this data secure.

Does data sovereignty benefit digital marketers?

While digital sovereignty regulations usually mean hurdles or constraints for digital marketers, they do help in two main ways: building trust and supporting local marketing industries. These may not completely compensate for the convenience and efficiency of being able to seamlessly access data across borders, but they are significant enough benefits.

Amid reports of high-profile data breaches and privacy violations, it is understandable that many consumers are becoming wary of the data management practices of multinational companies. The data breaches affecting companies like Yahoo, LinkedIn, Facebook, Alibaba, Weibo, and Adobe demonstrate how risky it is to have data that is free-flowing across national borders. Data sovereignty helps allay fears of more breaches, fostering trust and transparency.

On the other hand, being forced to have local operations to lawfully access and process data is a boon to digital marketers in different locations. It helps create more jobs, although many companies may eventually turn to AI-driven automation to become more efficient.

Striking a balance

Cross-border data transfers are essential for multinational companies and marketers that are trying to reach a global audience. Data sovereignty regulations can mean obstacles as they entail complex legal frameworks and the need to negotiate data transfer agreements. These can limit the agility and scalability of global marketing campaigns, adversely affecting the speed and efficiency of reaching diverse audiences across borders. Nevertheless, digital marketers or multinational companies, in general, are quick to adapt.

Data sovereignty may be seen as a hurdle, but innovative and forward-thinking companies know how to find their way around. They can forge industry collaborations and turn responsible data-handling practices into useful tools to unlock the full potential of digital marketing in an increasingly data-driven world.

23andMe User Data For Sale Online

Sat, 07 Oct 2023 01:23:49 +0000

23andMe user data is being offered for sale online after the data was apparently stolen from compromised accounts.

According to BleepingComputer, the DNA testing company confirmed that customer data was stolen in a credential-stuffing attack, using credentials that were exposed in other breaches.

“We were made aware that certain 23andMe customer profile information was compiled through access to individual accounts,” 23andMe’s spokesperson told BleepingComputer.

“We do not have any indication at this time that there has been a data security incident within our systems.”

“Rather, the preliminary results of this investigation suggest that the login credentials used in these access attempts may have been gathered by a threat actor from data leaked during incidents involving other online platforms where users have recycled login credentials.”

The stolen data includes “full names, usernames, profile photos, sex, date of birth, genetic ancestry results, and geographical location.”

MGM Resorts Hackers Stole Customer Data

Fri, 06 Oct 2023 16:24:32 +0000

MGM Resorts has confirmed what many feared, saying that hackers stole customer data as part of the breach that crippled the company.

The company made the revelation in a regulatory filing with the SEC:

Based on the ongoing investigation, the Company believes that the unauthorized third-party activity is contained at this time. The Company has determined, however, that the criminal actors obtained, for some of the Company’s customers that transacted with the Company prior to March 2019, personal information (including name, contact information (such as phone number, email address and postal address), gender, date of birth and driver’s license numbers). For a limited number of customers, Social Security numbers and passport numbers were also obtained by the criminal actors. The types of impacted information varied by individual. At this time, the Company does not believe that customer passwords, bank account numbers or payment card information were obtained by the criminal actors. In addition, the Company does not believe that the criminal actors accessed The Cosmopolitan of Las Vegas systems or data. The Company also has no evidence that the data obtained by the criminal actors has been used for identity theft or account fraud.

MGM Resorts has set aside resources to help customers who may have been impacted:

The Company has established a dedicated help line to address questions about this incident, which can be reached at 800-621-9437 toll-free Monday through Friday from 8 am – 10 pm Central, or Saturday and Sunday from 10 am – 7 pm Central (excluding major U.S. holidays). Please reference engagement number B105892 when calling. The Company also has set up a webpage with additional information. In the coming weeks, the Company will provide notification by email to individuals impacted by this issue as required by law and will offer those individuals free identity protection and credit monitoring services.

Sony Confirms Data Breach Impacting Employee Data

Fri, 06 Oct 2023 02:00:06 +0000

Sony has confirmed that it suffered a data breach, impacting thousands of current and former employees’ personal data.

According to BleepingComputer, Sony Interactive Entertainment sent a notice to both current and former employees to inform them that a data breach compromised their information.

We are writing to you as we believe you are a former employee of Sony Interactive Entertainment (“SIE”) or are a family member of a current or former employee of SIE. We want to provide you with information about a cybersecurity event related to one of our IT vendors, Progress Software, that involved some of your personal information. This event was limited to Progress Software’s MOVEit Transfer platform and did not impact any of our other systems. Please read this notice carefully, as it provides information on what happened and what we are doing, as well as information on how you can obtain complimentary credit monitoring and identity restoration services

Sony says the breach was the result of a MOVEit vulnerability.

On May 31, 2023, Progress Software announced a newly discovered vulnerability in its MOVEit file transfer platform, which is used by SIE and thousands of other enterprises around the world. On May 28, 2023, before Progress Software announced the vulnerability and we became aware of it, an unauthorized actor used the vulnerability to download some SIE files stored on our MOVEit platform. On June 2, 2023, SIE discovered the unauthorized downloads, immediately took the platform offline and remediated the vulnerability. An investigation was then launched with assistance from external cybersecurity experts. We also notified law enforcement

The company knows what data was accessed, but that information is censored in the publicly available copy of the notice.

Google Changes Its Data Policies In Response to German Regulators

Thu, 05 Oct 2023 15:25:34 +0000

Germany’s antitrust crackdown on Google is paying off, with the company agreeing to change how it handles user data.

Germany’s antitrust watchdog, the Bundeskartellamt, initiated proceedings over Google’s use of data, resulting in the company making significant changes. The agency outlined how Google will process user data moving forward:

In the future Google will have to provide its users with the possibility to give free, specific, informed and unambiguous consent to the processing of their data across services. For this purpose Google has to offer corresponding choice options for the combination of data. The selection dialogues must be designed so as not to guide users manipulatively towards cross-service data processing (avoiding “dark patterns”). Where data are not actually processed across services and Google’s data processing terms explicitly make this clear, Google will not have to offer choice options. Any obligations under the General Data Protection Regulation remain unaffected by these obligations.

Andreas Mundt, President of the Bundeskartellamt, lauded the decision as one that will protect users’ rights and improve competition:

“Data are key for many business models used by large digital companies,” said Mundt. “The market power of large digital companies is based on the collection, processing and combination of data. Google’s competitors do not have these data and are thus faced with serious competitive disadvantages. In the future users of Google services will have a much better choice as to what happens to their data, how Google can use them and whether their data may be used across services. This not only protects the users’ right to determine the use of their data, but also curbs Google’s data-driven market power. Large digital companies offer a wide range of different digital services. Without the users’ free and informed consent the data from Google’s services and third-party services can no longer be cross-used in separate services offered by Google or even be combined. We have made sure that Google will provide a separate choice option in the future.”

While Google will likely roll out these changes across the EU, it is unlikely users in other parts of the world will see these options unless regulators press the issue.
