Hidden web tags and your data: How to keep core business assets protected
In my previous blog post, “Hidden web tags and your data: New risks across the board,” I covered how hidden web hidden tags get onto your website, and how proper tag management reduces risk across the board. In this post, I’ll dive deeper into why it’s important. Let’s look at four key business assets – customer experience, regulatory-compliant operations, secure data, and the trust of consumers and business partners – and how tag management protects them from risk.
Customer experience: Don’t let piggyback tags checkmate your site
There’s no doubt that page latency torpedoes customer experience and revenue. Piggyback tags cause a familiar chain reaction of slow page loads, leading to frustrated users and high bounce rates. The impact of page speed on mobile users is particularly severe; a landmark 2016 study by Google found that 53% of mobile users abandon sites that take over three seconds to load. More recent research by Akamai revealed additional catalysts for customer and revenue loss:
- Half of consumers browse for products and services on their smartphones, while only one in five complete purchases using those phones
- A 100-millisecond delay in website load time can hurt conversion rates by 7%
- A two-second delay in web page load time increases bounce rates by 103%
- 53% of mobile site visitors will leave a page that takes longer than three seconds to load (echoing Google’s findings)
As a reference point, the blink of an eye is about 100 to 150 milliseconds.
Proper tag management helps you to optimize the customer experience, which means more people are on the site and generating more revenue, through ecommerce or advertising.
Consumer privacy regulations: “Sorry!” isn’t enough
Around the world, consumers’ data privacy concerns have become a political mousetrap, with legislators responding accordingly. Recent and emerging privacy regulations, like the GDPR and CCPA, are fundamentally changing the way personal data is collected, sold, and used online.
Even more change could be coming. In New York, legislators are considering a privacy bill that would give residents in the state more control over their data than anywhere else in the country. Additionally, the New York Privacy Act, if passed, would require businesses to put their customers’ privacy before their own profits.
Companies that don’t comply can be fined significant amounts. For example, the UK’s Information Commissioner’s Office (ICO), has recently ramped up its fines against companies violating the GDPR. British Airways was fined £183 million ($228 million) for leaking the personal data of 500,000 of its customers. In the US, the Federal Trade Commission has approved a fine of roughly $5 billion against Facebook for mishandling users’ personal information.
It’s imperative for your company to avoid risk by knowing, on a daily basis, what kind of information is being collected on its web properties. Keeping current on privacy compliance is much easier with tag management solutions that give you a real-time picture of which policies need to be updated, and pinpoint specific non-compliant tags.
Data breach and leakage: Hidden web tags are a community chest for malware
These days, just opening an email or viewing an attachment can present a business risk. Phishing, malware, and ransomware are well-recognized approaches to hacking enterprise data, but visible and hidden piggyback tags have the potential to expose enterprises to catastrophic data loss. Some of the largest, most toxic data breaches have been perpetrated through third-party connections – just like the third-party web tags currently hidden on your site.
The credit reporting company Equifax provides an alarming example. In an October 2017 breach that received few headlines, malicious code was injected via the hijacking of a domain associated with an old, disused adtech tag that had remained in the code of one of Equifax’s websites.
The Wall Street Journal called the security incident “a digital whodunit,” as visitors to the website, annualcreditreport.com, were served up fraudulent online surveys, adware, and software designed to steal online banking credentials.
Because tag mapping and tag management tools let you identify and investigate third-party tags, you can discover if unauthorized web tags are lurking on your site—tags that can dramatically increase breach risk. By vetting and removing suspect piggybacked tags, you also eliminate downstream risks, including reputation risk, customer attrition, and consumer class action suits.
Consumer trust: Earn it, don’t erase it
Poor data stewardship can sink even a battleship of a brand. Rampant misuse of consumer data aligns with the fact that trust in brands is more important than ever. According to the 2019 Edelman Trust Barometer Special Report, a global study, 81% of survey respondents said that they “must be able to trust the brand to do what is right.”
Doing what’s right includes placing a premium on customer privacy. Through careful data governance and protection, brands can increase customer loyalty, spend, and lifetime value – all of which reduce the risks of customer attrition and revenue loss.
The most forward-thinking companies are now thinking about their Privacy User Experience (Privacy UX), “taking best practices from the field of user experience and human-centered design and applying them to data collection and privacy interactions.” This encompasses diligent web tag management, including the discovery and elimination of unwanted piggyback tags.
When a company demonstrates that it’s a careful, effective steward of personal data while delivering a top-notch user experience, consumer trust increases. When a brand demonstrates that it’s doing’s what’s right, more people opt in to an ongoing relationship.
Build trust with effective third-party risk management
Hidden web tags threaten the trust of your company’s business partners by posing a risk to the stability of your company’s vendor supply chain and partner ecosystem. In the worst case, poor tag management can result in data breaches through hijacked third-party domains. Far more common, however, is data leakage, when your customer data is shared with competitors through – no surprise here – piggyback tags.
Data leakage is becoming a huge problem for publishers as advertising dollars shift to programmatic digital advertising. Unscrupulous advertisers are taking information about users from ad exchanges without paying publishers for the data or securing user permission. Effective web tag management is essential for publishers to retain control of their user data, preserve customer trust and fulfill their regulatory responsibilities.
Effective tag management is a critical part of third-party risk management (TPRM), a growing discipline within risk management organizations. The frequency and scale of data exchanges with third parties, and the regulatory focus on how organizations are managing them to address the inherent risks is front-and-center of Chief Information Security Officers’ (CISOs) concerns. For example, according to Ponemon Institute’s 2018 report, “Data Risk in the Third-Party Ecosystem,” nearly 60% of US CISOs indicated their firm had been the victim of a third-party breach incident. Yet, only 16% say they effectively mitigate third-party risk.
You have the skills for effective tag management – and know why it’s critical to protecting your business from potentially catastrophic risks. Get a FREE scan of your entire web presence, the first step toward eliminating those critical risks across the board.