CRO at OPTIZMO Technologies, LLC, overseeing the company's global sales and strategic partnership initiatives.
getty
It seems like a no-brainer. Your company provides a platform or tool for clients to better manage their sensitive consumer data. That data may be emails, addresses, phone numbers, all three of these or even more attributes merged together. With data security and privacy on everyone's mind these days, you know that what you offer can bring value and help your prospects achieve their stated goals, but the C-level decision-makers are hung up on letting your system access and process this data for them. Headlines have them scared about the data leaving their environment in any way due to fears of it being hacked or stolen.
At my company, this a challenge we see almost daily. Clients use our system to manage email and phone number suppression lists, so their marketing partners know who not to contact in any messaging sent on the client's behalf. These datasets are now consistently viewed legally as "personally identifiable information" even when hashed and without any other identifying info attached. However, applying suppression is a legal requirement in any email or SMS-based marketing effort. So, how do we articulate the safety and security of using a service like ours so they can reap the rewards of utilizing these high-performing marketing channels?
1. At the outset, keep things high level.
Our marketing and development teams work together to create documentation speaking directly to the most common concerns we hear around data privacy: data hashing and encryption, infrastructure security, and testing for system vulnerabilities. The decision-makers don't often want or need to get in the weeds with fine details. They just need that push over the initial mental and legal hurdles. We address this with oversimplified and highly customized data flow charts, visually communicating exactly how their data is entered, stored and accessed in our system. We provide a case study or endorsement from an enterprise-level client with a recognizable name that carries some cache and resonates with the prospect. And finally, we include a brand sheet, showing other notable clients with whom we've gone through a data security vetting process that has been extremely effective.
2. If you have it, flaunt it.
Assuming your team has invested substantially in locking down its infrastructure, flaunt it! (And if not, it may very well be time to revisit some budgetary allocations.) We make much of this information public through our website, including our cloud security alliance certification, our full information security and privacy policies, as well as system architecture and vendor certifications. This level of detail will admittedly overwhelm most nontechnical people. So, we start with the collateral mentioned above to get past the gatekeepers and move here once the second phase of the sales cycle is entered, where more in-depth vetting of our systems is often handed over to an internal information security/analysis team. Even if it's not utilized on the first pass with the higher-ups, often noting that we make this information so freely available lends tremendous credibility to our processes.
3. Immediately address any issues found during the vetting of your company.
No system is perfect, and with the sheer number of various tools and methodologies available for system penetration testing and vulnerability assessments, it's almost impossible to score perfectly when the intent is to find something, anything, that could pose a threat. It's like when you buy a house and hire an inspector, you expect them to find something wrong. Acknowledge the finding, and remedy it. Establish with your prospect that your company is security-minded and quick to move as new industry standards and any potential issues arise.
The world of data security is changing quickly, and with these changes comes the need for companies to be able to market safely and effectively. By starting your sales cycle in a way that's not overwhelming and that addresses the prospects’ primary concerns in a format they can relate to and easily digest, you can better put any concerns to rest and move more quickly toward getting those contracts signed and kicking off a successful partnership.
Forbes Business Development Council is an invitation-only community for sales and biz dev executives. Do I qualify?
