When you’re using private data about any contacts on your list via merge fields or element database connections, it’s important to keep that info under wraps. Keep your contacts’ info private and secure with the tips from this lesson.
Home > Ontraport for no-code web apps > Ontraport Dynamic CMS > Privacy + data security
Home > Ontraport Dynamic CMS > Privacy + data security
Privacy + data security
Course Instructor
- The security problems with relying on tracking with a cookie
- The benefits of protecting data behind a membership site
- How to restrict access to sensitive data
Comments
[Block//Author//First Name ##cap_first] [Block//Author//Last Name ##cap_first] on [Block//Date Added %F j, Y g:i a%+0d0h0m]
[Block//Comment]
Leave your comment
14-day free trial. No commitment.
Related resources
[Block//Resource Type]
[Block//Resource Description ##ellipsis(166)]
Transcript
I’ve said it before and I’ll say it again: all these features I’m showing you are powerful and give you incredible new capabilities.
And one of them is to share your data all over the internet. But if that data is private – especially if it’s private data about any contacts on your list – you could find yourself in some hot water if you make it public.
As a reminder, both merge fields and element database connections are designed to pull data out of your account and publish it on the web. When you’re using data based on a visiting contact, it’s especially important to understand and consider how the system identifies who’s visiting your site.
The system shows the data for whoever it thinks the visiting contact is, based either on data from cookies or login info.
Please remember that tracking with a cookie is not 100 percent accurate or secure. For example, if someone forwards an email to their friend and their friend clicks the email, you're probably going to think that friend was the initial email recipient.
If you’ve put a page up on the web that lists your contact’s files, and maybe one of those files is confidential, well…the contact’s friend is going to be able to see it too.
So, be cautious about what data you use in your pages and blocks.
The best plan is to protect these pages by putting them in a membership site. People will have to log in with a username and password to see them. That’s far, far more secure and will limit the exposure of personal data to only people who have login credentials.
It’s also more reliable because sometimes people clear their cookies, which would make it impossible for the system to show anything at all in your dynamic block that’s based on data in the contact record.
Now, you understand all that because we’ve said it over and over. But there may be people on your team who aren’t quite as tech-savvy as yourself, so let me point out that these dynamic CMS features have permission settings, and you’d be wise to limit who has access to creating pages that can expose your private data.
We have a whole video on adding users and setting up permissions that explains how these permission settings work.
Turning these two features off in your permission settings for team members who haven't watched this training may prevent them from making a damaging mistake. Here's how to do that:
Go to your user profile icon, click on the “Administration” button, then the “User Management” tab. Click on “User Management,” select a user and finally, turn off permissions for dynamic pages and dynamic blocks.
Hopefully now, you have a better understanding of how you can protect contacts’ data that you’d rather keep private and how Ontraport lets you do that.
And one of them is to share your data all over the internet. But if that data is private – especially if it’s private data about any contacts on your list – you could find yourself in some hot water if you make it public.
As a reminder, both merge fields and element database connections are designed to pull data out of your account and publish it on the web. When you’re using data based on a visiting contact, it’s especially important to understand and consider how the system identifies who’s visiting your site.
The system shows the data for whoever it thinks the visiting contact is, based either on data from cookies or login info.
Please remember that tracking with a cookie is not 100 percent accurate or secure. For example, if someone forwards an email to their friend and their friend clicks the email, you're probably going to think that friend was the initial email recipient.
If you’ve put a page up on the web that lists your contact’s files, and maybe one of those files is confidential, well…the contact’s friend is going to be able to see it too.
So, be cautious about what data you use in your pages and blocks.
The best plan is to protect these pages by putting them in a membership site. People will have to log in with a username and password to see them. That’s far, far more secure and will limit the exposure of personal data to only people who have login credentials.
It’s also more reliable because sometimes people clear their cookies, which would make it impossible for the system to show anything at all in your dynamic block that’s based on data in the contact record.
Now, you understand all that because we’ve said it over and over. But there may be people on your team who aren’t quite as tech-savvy as yourself, so let me point out that these dynamic CMS features have permission settings, and you’d be wise to limit who has access to creating pages that can expose your private data.
We have a whole video on adding users and setting up permissions that explains how these permission settings work.
Turning these two features off in your permission settings for team members who haven't watched this training may prevent them from making a damaging mistake. Here's how to do that:
Go to your user profile icon, click on the “Administration” button, then the “User Management” tab. Click on “User Management,” select a user and finally, turn off permissions for dynamic pages and dynamic blocks.
Hopefully now, you have a better understanding of how you can protect contacts’ data that you’d rather keep private and how Ontraport lets you do that.
Features
© Ontraport 2024
playlist_add_check
PCI DSS, Level 1
security
Privacy Shield Certified