Skip links

Case Study of High Security Data Management [Video]

Continued growth is expected in 2014 for data driven marketing, which is already a $140.7 billion industry. But as data driven tactics are being perfected, the fear of too much data and not enough privacy rises.

For some of our clients, particularly those in the financial and health care sectors, business is dependent on the security of their data. For this reason, we’ve established high security data management procedures for our direct mail and digital marketing operations.

We work hard to customize data management procedures so that all security requirements are accommodated and each customer feels comfortable temporarily sharing their data with us.

Here is an example of a custom solution we built for a client with strict data management requirements.

As a first layer of protection, our PGP encryption software by Symantec encrypts data files to protect them during transfer. To unlock a PGP encrypted file, two keys must be used, and those keys belong to the file creator (the client) and Compu-Mail. An exchange of keys takes place between the client and Compu-Mail so that we are able to decrypt and process the data file.


The encrypted file is uploaded by the client to our cloud-based sharing site. We use Citrix ShareFile which has its own advanced encryption protocols and protection measures such as email alerts of all activity and customized control over files.


From ShareFile our data programmers can pull the encrypted files into our secure virtual environment. The measures taken to keep Compu-Mail’s virtual environment as secure as it is could fill up a whole separate blog! In brief, our virtual security measures include regular software updates, routine backups, and the strict filtering of SPAM with two robust firewalls.


The data next finds itself stored on our state-of-the-art SQL Server. This server uses nothing but solid state drives (SSD) because they process at lightning speed and no data is actually “written” to a piece of media. All deletes from a SSD are completely permanent. From our SQL server, data is processed and prepped for print, however it cannot be viewed or duplicated.


Data files are stripped down to just a name, address, and surrogate key before being encrypted and sent out for NCOA processing, which is done by a secure and audited third-party vendor.


Once the data file returns, the rest of the data elements are restored to the file and it is prepped for print.


Before the data finds its home on paper, it passes through our XMPie Server and Printer Postscript where no data is actually stored. As a final precaution, all servers are scrubbed post production.

There’s a lot more to data security than how it is managed in cyber space. Read more about Compu-Mail’s physical security measures here. >>