Best Practices: Email Deliverability and Privacy Flashcards
According to the 2014 Email Deliverability 101 report, how many opt-in marketing emails never make it to the in-box?
Over 20%.
Where do emails that don’t make it to in-boxes end up?
In spam or junk folders, or are blocked by ISP-level filtering before even making it to the email address.
What region had the highest rate of commercial emails delivered to the in-box?
Europe.
Define email deliverability.
The process of putting your email marketing messages into the in-box of recipients.
One of the key factors to successful email deliverability is creating email campaigns that are __________
relevant to your audience.
Your ability to reach prospects’ in-box is tied to ___
deliverability and privacy.
You are responsible for developing a comprehensive ___
privacy policy.
You need to reduce the likelihood of _____, unsubscribes, bounces, and spam traps.
complaints
You need to reduce the likelihood of complaints, ____, bounces, and spam traps.
unsubscribes
You need to reduce the likelihood of complaints, unsubscribes, ___, and spam traps.
bounces
You need to reduce the likelihood of complaints, unsubscribes, bounces, and ____.
spam traps.
Your reputation as an _____ impacts your potential reach as a marketer.
email sender
To understand your email service provider’s capabilities, you should (1) _________; (2) get proper counsel; (3) attain third-party certification as a trusted sender.
know privacy laws where you do business
To understand your email service provider’s capabilities, you should (1) know privacy laws where you do business; (2) _____; (3) attain third-party certification as a trusted sender.
get proper counsel
To understand your email service provider’s capabilities, you should (1) know privacy laws where you do business; (2) get proper counsel; (3) ______.
attain third-party certification as a trusted sender.
Best practices for successful email deliverability: (1) ______, (2) Manage your email list, (3) Optimize your content.
Manage your reputation
Best practices for successful email deliverability: (1) Manage your reputation, (2) _____, (3) Optimize your content.
Manage your email list
Best practices for successful email deliverability: (1) Manage your reputation, (2) Manage your email list, (3) ______.
Optimize your content
____ is based on your behavior as an email sender.
Sender reputation
To manage your sender reputation, you need to know your __
Sender score
Spam filtering has made a shift from _______ to a reputation based system.
content scoring
To manage your email reputation, you need to control ______.
spam complaints.
To keep spam complaints down and comply with regulations, you should ______
obtain recipient permissions.
To see the data underlying your email sender score, you can _____
register at senderscore.org.
Sender scores use the following data: (1) _____, (2) complaint rates (3) unknown user rates (4) infrastructure (5) spam trap hits (6) content
send volume
Sender scores use the following data: (1) send volume, (2) _____ (3) unknown user rates (4) infrastructure (5) spam trap hits (6) content
complaint rates
Sender scores use the following data: (1) send volume, (2) complaint rates (3) ____ (4) infrastructure (5) spam trap hits (6) content
unknown user rates
Sender scores use the following data: (1) send volume, (2) complaint rates (3) unknown user rates (4) ___ (5) spam trap hits (6) content
infrastructure
Sender scores use the following data: (1) send volume, (2) complaint rates (3) unknown user rates (4) infrastructure (5) ___ (6) content
spam trap hits
Sender scores use the following data: (1) send volume, (2) complaint rates (3) unknown user rates (4) infrastructure (5) spam trap hits (6) _____
content
Sender scores are based on a scale of
0 to 100
If you would like to see your Sender Score, you must first know if…
you are using a Dedicated IP or a Shared IP
If you are on the Shared IP range, can one company’s bad behavior affect another company’s sender score?
Yes.
Besides senderscore.org, where can you find more statistical information on sender scores?
Eloqua Trust page.
What did a Return Path study learn about messages sent by senders with a sender score lower than 50?
Over 85% of them were classified as spam.
For webmail providers, a sender score of 90+ equals what average inbox rate?
84%
What is the #1 global deliverability organization?
ReturnPath
If your sender score is in the highest benchmark range of 90-100, what will your average deliverability rate be?
95%
Where do most legitimate businesses fall in terms of sender score, and what does this mean for their average deliverability rate?
Most fall in the range between 60 and 89, and end up with an average deliverabiity rate of 68%.
Sender Scores are based on what three key components?
Complaints, unknown users, and spam traps.
What is the “unknown users” component of sender score?
The percentage of emails sent from an IP address to nonexistent addresses - aka hard bouncebacks.
______ are dummy email addresses developed by ISP’s or anti-spam organizations to catch illegitimate emails.
Spam traps
If your email is caught in a Spam Trap, ISPs send out a _____ message.
5XX Unknown User SMTP error message
One Spam Trap can decrease your Sender Score and inbox placement rates by how much?
Your Sender Score can decrease by more than 20 points and your inbox placement rates can go to 81% and lower.
Spam Traps can cause your ____ to become blacklisted.
Mailing IP’s and/or domains
Membership in the ____ may be suspended for exceeding acceptable Span Trap thresholds.
Return Path Certification Program.
Because identifying Spam Traps can be time consuming, you should narrow in on …
suspicious segments.
For the most part, _____ are the primary source of Spam Trap addresses.
rented or purchased lists.
You can manage Spam Traps by using an _____ filter to…
using an inactivity-based filter to filter out inactive contacts from your list.
A ______ can check your lists against known spam trap addresses.
third-party service
If you need more help with spam traps, consider using a…
Delivery Program Assistance incident.
A Delivery Program Assistance incident is available as part of Eloqua’s…
Branding and Delivery Boost package.
To control complaints, (1) monitor complaint trends and (2)
Avoid getting on blacklists.
To control complaints, (1) ___ and (2) Avoid getting on blacklists.
monitor complaint trends
As a best practice, keep a close eye on your complaints. When should you benchmark?
Every few months and/or when you email in large batches.
A _____ is a list of IP addresses, URLs, or domain names that are to be avoided.
blacklist
Blacklists are chiefly used to publish…
lists of addresses linked to spamming.
tip 1 to remove yourself from a blacklist: (1) visit the link to the ______ that is included in the notification
blocking service
tip 2 to remove yourself from a blacklist: (2) If the link to the blocking service is not provided, search your ___
Bounceback History report
tip 3 to remove yourself from a blacklist: contact the _____ to discuss and identify the issue
ESP/ISP Postmaster
How can you find out if you’re on a blacklist?
Use an online tool
If you’ve been blocked via blacklist, you will typically…
receive a notification.
___ is an email validation system, allowing admins to specify which hosts are allowed to send email from a given domain.
Sender Policy Framework (SPF)
What does SPF stand for?
Sender Policy Framework
SPF creates a specific ______ in your DNS settings.
SPF or TXT record
When Eloqua is first installed, part of the implementation process involves setting your ____ to validate email spoofing.
SPF record details within the DNS settings on all sending domains.
A _____ is a list of approved IP addresses and senders.
whitelist
To get your IP address on a whitelist, you need to establish a track record as a ___
permission-based email marketer.
_____ provides the certification to whitelist your IP address.
Return Path
Does manually moving messages into the junk folder impact the complaint rate?
Not on a desktop client like Outlook, but it will on web clients like Gmail.
The rate of email complaints _____ as the sender score rises.
falls dramatically
To gain recipient permission, send emails only when ____
explicitly requested.
To gain recipient permission, _____ neutral contacts.
target neutral contacts in an attempt to get them to opt-in.
To gain recipient permission, ____ inactive contacts.
re-engage
To gain recipient permission, _______ active opt-in contacts
strengthen your relationship with active opt-in contacts.
To gain recipient permission, respect…
subscriber preferences about content and timing.
When someone submits an email address in a web form, then submits that address again on a second page, it is referred to as…
double opt-in.
When someone fills out a web form, then affirms their request again to be on your mailing list, it is referred to as…
confirmed opt-in.
Spammers use the term _______ to refer to a situation where the subscriber was opted in without their consent, then “opted in” a second time by failing to unsubscribe.
double opt-in
As a best practice, use the __ to increase the number of valid emails in your database.
Confirmed Opt-In
Is Confirmed Opt-In widely used? Why or why not?
It is used by very few clients because of its impact on the subscription rates.
To manage your email list, (1) ____, (2) perform IP warming, (3) process bouncebacks, (4) filter to find active contacts.
validate list sources.
To manage your email list, (1) validate list sources, (2) perform IP warming, (3) _____, (4) filter to find active contacts.
process bouncebacks
To manage your email list, (1) validate list sources, (2) perform IP warming, (3) process bouncebacks, (4) ___
filter to find active contacts.
To manage your email list, (1) validate list sources, (2) _____, (3) process bouncebacks, (4) filter to find active contacts.
perform IP warming
True or false: Best practice says do not buy or rent lists.
True.
If you buy lists, understand (1) _____ (2) age and last usage date (3) how they monitor and remove complainers (4) how they verify and maintain opt-in statuses
source of data
If you buy lists, understand (1) source of data (2) ________ (3) how they monitor and remove complainers (4) how they verify and maintain opt-in statuses
age and last usage date
If you buy lists, understand (1) source of data (2) age and last usage date (3) ______ (4) how they verify and maintain opt-in statuses
how they monitor and remove complainers
If you buy lists, understand (1) source of data (2) age and last usage date (3) how they monitor and remove complainers (4) ____
how they verify and maintain opt-in statuses
Use Case - Eloqua’s marketing IP had been blocked on ____
SpamHaus
Eloqua had to remove a purchased list from its database in its entirety, which meant…
they lost addresses they had paid for.
Out of the SpamHaus incident, Eloqua’s ___ document was born.
Outside List Acquisition Best Practices document
To perform IP warming, (1) send emails to all addresses in a phased manner and then remove hard bounces; (2) ______; (3) use recent contact info only; (4) use HTML with simple design; (4) review reports after each send.
confirm the list does not contain previously unsubscribed addresses
To perform IP warming, (1) ______ (2) confirm the list does not contain previously unsubscribed addresses; (3) use recent contact info only; (4) use HTML with simple design; (4) review reports after each send.
send emails to all addresses in a phased manner and then remove hard bounces;
To perform IP warming, (1) send emails to all addresses in a phased manner and then remove hard bounces; (2) confirm the list does not contain previously unsubscribed addresses; (3) use recent contact info only; (4) ______; (5) review reports after each send.
use HTML with simple design
To perform IP warming, (1) send emails to all addresses in a phased manner and then remove hard bounces; (2) confirm the list does not contain previously unsubscribed addresses; (3) use recent contact info only; (4) use HTML with simple design; (5) _____.
review reports after each send
To perform IP warming, (1) send emails to all addresses in a phased manner and then remove hard bounces; (2) confirm the list does not contain previously unsubscribed addresses; (3) _____; (4) use HTML with simple design; (4) review reports after each send.
use recent contact info only
__ is the process of slowly introducing your new sender IP address by gradually increasing the volume of emails sent from that IP over a period of time.
IP warning
Many companies skip the IP warming process. Why?
Because it may slow their sending for the first month.
In IP warming, the first step uses content that is…
not time sensitive.
3 good campaign types to use for IP warming are:
(1) a data harvest campaign, (2) a campaign to update subscription options, or (3) a simple newsletter campaign
Step 2 in IP warming is to build a list of contacts that…
have explicitly opted-in.
In the first week of IP warming, send the email to…
1% of your total list each day.
In the second week of IP warming, send the email to..
3% of the list each day
In the third week of IP warming, increase the email send to…
10% of the list each day.
During IP warming, monitor and remove contacts who…
bounceback, unsubscribe, or complain.
To manage lists successfully, (1) ____ (2) keep hard bouncebacks under 3% (3) monitor spam complaints and bounceback reports
remove hard bouncebacks from segment
To manage lists successfully, (1) remove hard bouncebacks from segment (2) _____ (3) monitor spam complaints and bounceback reports
keep hard bouncebacks under 3%
To manage lists successfully, (1) remove hard bouncebacks from segment (2) keep hard bouncebacks under 3% (3) ____
monitor spam complaints and bounceback reports
Eloqua by default auto-suppresses any sends to a Contact flagged as a…
hard bounceback
Not sending to hard bouncebacks supports…
reporting
What timeframe do most Eloqua clients use to weed out inactive contacts?
3 - 6 months
After __ unsuccessful attempts to engage contacts, it’s time to…
suppress them from future sends.
To manage your content, (1) ______, (2) optimize relevancy and frequency, (3) review and refine content.
reinforce email expectations
To manage your content, (1) reinforce email expectations, (2) ______, (3) review and refine content.
optimize relevancy and frequency
To manage your content, (1) reinforce email expectations, (2) optimize relevancy and frequency, (3) ______.
review and refine content
To reinforce email expectations, (1) ______, (2) send welcome messages, (3) check in with contacts periodically, (4) move subscription management options to upper half of your emails
communicate your privacy policy
To reinforce email expectations, (1) communicate your privacy policy, (2) send welcome messages, (3) _____, (4) move subscription management options to upper half of your emails
check in with contacts periodically
To reinforce email expectations, (1) communicate your privacy policy, (2) send welcome messages, (3) check in with contacts periodically, (4) ____
move subscription management options to upper half of your emails
To reinforce email expectations, (1) communicate your privacy policy, (2) ____, (3) check in with contacts periodically, (4) move subscription management options to upper half of your emails
send welcome messages
To optimize relevancy and frequency, use ___ to test frequency and determine the optimal mix for your target audience.
automated programs
To optimize relevancy and frequency, ask subscribers for…
input and feedback.
What should you strive for in bounce and complaint rates?
Bounce rate less than 3%, complaint rate less than 0.01%
You should generate reports that provide insight into:
bounces, complaints, and unsubscribes
Forrester’s Email Marketing Trends 2012 report shows what two are the leading reasons for unsubscribes?
Relevance at 31.4%, frequency at 30.7%
In the ASCE case study, how did Eloqua help ASCE send to over 1.5 million contacts in 30 days with a 98% inbox acceptance rate?
(1) Analyzed lists, (2) optimized content, (3) sent emails in multiple small batches each day.
The ______ report allows you to see the contacts that have bounced per email
Email Bounceback Overview
The ___ report allows you to see specific bounceback error messages
Bounceback History with Messaging
The __ report allows you to see bounceback messages generated by email sends by Sales reps
Sales Email Overview
The ____ report allows you to see who has reported you as spam to their email provider
Spam Unsubscribe Report
What are the three standard testing tools of Eloqua per email?
General Deliverability Test, Inbox Preview Test, and Spam Content Check
To access the General Deliverability test from an email…
Action > Test Content and Deliverability
Test Content and Deliverability allows external tests via ___
Return Path
The _______ test sends your email to a variety of seed accounts and returns Inbox, Junk, and Missing percentages or each domain.
General Deliverability Test
The output of the General Deliverability test is an __ that displays your deliverability percentages around the world.
an Excel file
The Excel file that you get after running a General Deliverability Test shows what three statistics?
Inbox Percentage, Bulk Percentage, and Missing Percentage.
“Missing” emails are what?
Emails that never made it to the Inbox or the Junk folders, which typically means they were blocked at the ISP level.
The General Deliverability column that reads ISP also includes what else?
ESP’s and Spam filters
The _____ report shows how emails will appear in a number of different email client inboxes.
Inbox Preview Test
The ___ and the ____ run together
Inbox Preview Test and Spam Content Test
The __ examines email performance against a range of commonly used email spam filters.
Spam Content Test
The Spam Content Test evaluates your email for _____ words
spam-like words
A link reputation check checks your email for…
links to questionable websites
Which report shows information more on the bouncebacks themselves, and not the Contacts?
Bounceback History with Messaging
Name three steps with regards to Email Deliverability Best Practices.
- Manage your reputation, 2. Manage your email list, 3. Optimize your content
What factors is your sender reputation based on?
Complaints, unknown users, and spam traps.
Canada’s Anti-Spam Legislation is a __ available to everyone
Private Right of Action (PRA)
True or false: CASL is not limited to email communications.
True. It includes all commercial electronic communication.
True or false? CASL requires express affirmative consent, or opt-in.
True.
True or false? CASL requires truthful headers like sender and subject line.
True.
True or false? CASL permits you to alter transmission data.
False.
True or false? CASL requires a conspicuous unsubscribe mechanism.
True.
True or false? CASL requires you to include the postal address of the sender.
True.
Under CASL, can you perform address harvesting or send to harvested addresses?
True.
Who has liability under CASL?
Entities who knowingly allow spam to be sent on their behalf
The CASL law accepts implied opt-in in what 3 situations?
(1) existing business relationship; (2) conspicuously published email addresses; (4) recipients have provided email address directly to sender
Is it an existing business relationship if someone donates to, volunteers for, or becomes an official member of your organization?
No.
What are CASL fines?
Up to $1 million per violation for individuals, up to $10 million per violation for businesses.
To grow your database, adopt rigorous list management and acquisition practices, including:
a double opt-in or confirmed opt-in process.
Keep opt-outs ______________
simple and easy to access
A C-28 best practice is to include what kind of contact information in each email?
Company name, contact information and sender’s information if company is sending emails on your behalf?
A C-28 best practice is to build your own list of …
permission-based contacts.
In case your unsubscribe link is not working properly, you should include a….
phone number.
CASL’s anti-spam provisions went into effect when?
July 1, 2014
When do CASL’s installation of computer programs provisions go into effect?
January 15, 2015
When do CASL’s Private Right of Action provisions take effect?
July 1, 2017
For more info on CASL where can you go?
The Canadian Communications Law website.
What are 3 things you should do today about CASL?
(1) Check if you have opt-in confirmation for Canadian contacts (2) if not, obtain explicit consent within 2 years (3) segment contacts by country
What are penalties for CAN-SPAM violations
Up to $1 million or 5 years in prison
For more info on CAN-SPAM where can you go?
Bureau of Consumer Protection Business Center
CAN-SPAM prohibits the use of false or misleading _________
header information and subject lines
True or false: CAN-SPAM requires you identify a message as an ad.
True.
What are CAN-SPAM’s opt-out requirements?
Tell recipients how to opt out, and honor opt-out requests promptly
Does CAN-SPAM require you to monitor what others are doing on your behalf?
Yes.
What kind of contact information does CAN-SPAM require you to provide?
A valid physical postal address.
Under CAN-SPAM, can your contact address be a P.O. box?
Yes.
The key to determining if your message is commercial or transactional lies in…
The bulk of the message’s content.
Under CAN-SPAM and CASL can you include a short commercial message in a transactional email?
Yes.
4 CAN-SPAM best practices: (1) ____; (2) Keep a company-wide Do Not Email list; (3) Include address specific code to help identify Do-Not Email requests; (4) honor opt-out requests promptly
Use a footer allowing opt-outs
4 CAN-SPAM best practices: (1) Use a footer allowing opt-outs; (2) _____; (3) Include address specific code to help identify Do-Not Email requests; (4) honor opt-out requests promptly
Keep a company-wide Do Not Email list
4 CAN-SPAM best practices: (1) Use a footer allowing opt-outs; (2) Keep a company-wide Do Not Email list; (3) _____; (4) honor opt-out requests promptly
Include address specific code to help identify Do-Not Email requests
4 CAN-SPAM best practices: (1) Use a footer allowing opt-outs; (2) Keep a company-wide Do Not Email list; (3) Include address specific code to help identify Do-Not Email requests and prevent forwarded emails from being confused with spam; (4) _____
honor opt-out requests promptly
Do CAN-SPAM and CASL prohibit no-reply email addresses for commercial email?
Yes.
Does Eloqua automatically include recipient-specific coding in emails to prevent forwarded emails from being confused with spam?
Yes.
Under CAN-SPAM and CASL, what are the time requirements for unsubscribe requests to be processed?
Must be processed within 10 days.
Under CAN-SPAM and CASL, how long after an email is sent must the Unsubscribe link be valid
60 days.
What is Canada’s privacy law called?
PIPEDA
What is the EU privacy law called?
EU Data Protection Law
Does the US have different laws for different types of data?
Yes
In the US, who governs commercial data privacy?
The Federal Trade Commission (FTC)
In the US< who governs health data?
Department of Health and Human Services
When did PIPEDA become law in Canada?
April 13, 2000
What does PIPEDA stand for?
Personal Information Protection and Electronic Documents Act
The 5 principles of PIPEDA are: (1) ____, (2) Identifying Purposes (3) Consent (4) Limiting Collection (5) Limiting Use, Disclosure, and Retention
Accountability
The 5 principles of PIPEDA are: (1) Accountability, (2) _____ (3) Consent (4) Limiting Collection (5) Limiting Use, Disclosure, and Retention
Identifying Purposes
The 5 principles of PIPEDA are: (1) Accountability, (2) Identifying Purposes (3) ___ (4) Limiting Collection (5) Limiting Use, Disclosure, and Retention
Consent
The 5 principles of PIPEDA are: (1) Accountability, (2) Identifying Purposes (3) Consent (4) _____ (5) Limiting Use, Disclosure, and Retention
Limiting Collection
The first 5 principles of PIPEDA are: (1) Accountability, (2) Identifying Purposes (3) Consent (4) Limiting Collection (5) ______
Limiting Use, Disclosure, and Retention
According to the _____ principle of PIPEDA, you have to have an individual at your organization who owns PIPEDA compliance.
Accountability
The _____ principle of PIPEDA says a company has to tell you why they want certain information.
Identifying purposes
What is one example of a way you can provide data without giving consent?
When your online behavior is tracked via cookies.
The _____ principle of PIPEDA means you can only collect as much data as you need for the purpose.
Limiting Collection.
The ____ principle of PIPEDA means you can’t keep information longer than you need it to fulfill the purpose you stated when you collected the data.
Limiting Use, Disclosure, and Retention
The second 5 principles of PIPEDA are (6) Accuracy, (7) ____, (8) Openness, (9) Individual access, (10) Challenging compliance
Safeguards
The second 5 principles of PIPEDA are (6) Accuracy, (7) Safeguards, (8) _____, (9) Individual access, (10) Challenging compliance
Openness
The second 5 principles of PIPEDA are (6) ___, (7) Safeguards, (8) Openness, (9) Individual access, (10) Challenging compliance
Accuracy
The second 5 principles of PIPEDA are (6) Accuracy, (7) Safeguards, (8) Openness, (9) ____, (10) Challenging compliance
Individual access
The second 5 principles of PIPEDA are (6) Accuracy, (7) Safeguards, (8) Openness, (9) Individual access, (10) _____
Challenging compliance
The ____ principle of PIPEDA means you have to provide easy access to the PIPEDA compliance officer at your organization to address any challenges.
Challenging Compliance
Six PIPEDA best practices are (1) _____ (2) opt-outs (3) education (4) never share data (5) use of voice (6) be sure you know who you’re talking to.
privacy policy
Six PIPEDA best practices are (1) privacy policy (2) ____ (3) education (4) never share data (5) use of voice (6) be sure you know who you’re talking to.
opt-outs
Six PIPEDA best practices are (1) privacy policy (2) opt-outs (3) _____ (4) never share data (5) use of voice (6) be sure you know who you’re talking to.
education
Six PIPEDA best practices are (1) privacy policy (2) opt-outs (3) education (4) _____ (5) use of voice (6) be sure you know who you’re talking to.
never share data
Six PIPEDA best practices are (1) privacy policy (2) opt-outs (3) education (4) never share data (5) _____ (6) be sure you know who you’re talking to.
use of voice
Six PIPEDA best practices are (1) privacy policy (2) opt-outs (3) education (4) never share data (5) use of voice (6) ____
be sure you know who you’re talking to.
The ______ PIPEDA best practice means to use the data you’ve gathered intelligently and discreetly.
Use of Voice
“Not Joe, click here” is an example of what PIPEDA best practice?
Be sure you know who you’re talking to.
In the EU, what kind of consent must you obtain before installing cookies on a person’s computer
explicit opt-in consent.
EU’s protection applies when data is collected or processed in or through…
an establishment located in any EU member state.
If the data is processed through ______ located in the EU, the EU protection requirement applies
equipment, in particular a server
Some EU member states have national data protection laws that are…
stricter than the EU data protection law.
EU: Which law always overrides? The stricter or the weaker?
The stricter
EU: Who is responsible for compliance - Eloqua or the customer?
The customer.
EU: To draft and obtain consent, you should use _____ language.
Plain language.
EU: To obtain consent, the ____ has to be identified
data controller
EU: To obtain consent, you must disclose the ___ of data collected, ____, and why ____
type of data collected, how it is done, and why it is being collected and processed.
EU: What needs to be in place to prevent giving of consent by mistake?
Safeguards.
What’s an example of a safeguard?
Not providing pre-checked boxes.
EU: You must provide information on the consequences of:
not consenting.
EU: you must give a brief explanation of the users’
rights.
EU: When does the user need to give consent?
Prior to the collection of personal data.
An essential certification for transferring data from the EU to the US for processing is….
Safe Harbor
Is Eloqua Safe Harbor certified?
Yes
Is it a good idea to obtain your own Safe Harbor certification?
Yes
A third party privacy monitoring and auditing service is…
TRUSTe
TRUSTe ensures compliance with…
Safe Harbor certification and related marketing practices.
Eloqua works directly with TRUSTe. This enables customers to (1) and (2)
(1) enjoy one-click access to TRUSTe data management solutions and auditing (2) attach the TRUSTe symbol to emails, forms, and landing pages.
Eloqua supports EU privacy compliance with: (1) ______ (2) Visitor tracking opt-outs (3) Confirmed opt-in process (4) Subscription management (5) Master Exclude list (6) Form layouts with tracking opt-in options (7) Notification and Data Protection Official
Tracking and cookies enablement
Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) _______ (3) Confirmed opt-in process (4) Subscription management (5) Master Exclude list (6) Form layouts with tracking opt-in options (7) Notification and Data Protection Official
Visitor tracking opt-outs
Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) Visitor tracking opt-outs (3) ______ (4) Subscription management (5) Master Exclude list (6) Form layouts with tracking opt-in options (7) Notification and Data Protection Official
Confirmed opt-in process
Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) Visitor tracking opt-outs (3) Confirmed opt-in process (4) _______ (5) Master Exclude list (6) Form layouts with tracking opt-in options (7) Notification and Data Protection Official
Subscription management
Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) Visitor tracking opt-outs (3) Confirmed opt-in process (4) Subscription management (5) _______ (6) Form layouts with tracking opt-in options (7) Notification and Data Protection Official
Master Exclude list
Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) Visitor tracking opt-outs (3) Confirmed opt-in process (4) Subscription management (5) Master Exclude list (6) ________ (7) Notification and Data Protection Official
Form layouts with tracking opt-in options
Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) Visitor tracking opt-outs (3) Confirmed opt-in process (4) Subscription management (5) Master Exclude list (6) Form layouts with tracking opt-in options (7) ________
Notification and Data Protection Official
Name the three Strict Mode tracking options.
(1) Track all visitors (2) Track visitors that are not on the Country by IP restriction list and track visitors from restricted countries that have opted-in to tracking (3) Do not track any visitor unless he has opted-in to tracking
Which Strict Mode tracking option is the most commonly used?
Dynamically tracking visitors based on the country they’re in.
Does Eloqua maintain a list of countries that require opt-ins?
Yes.
Whose responsibility is it to make sure the list of IP restrictions is complete and that you comply with the privacy laws?
Yours. Eloqua provides guidelines to create a list of IP restrictions.
How do you enable Strict Mode settings?
Contact Eloqua Support using My Oracle Support.
Once you enable Strict Mode, can it be enabled only for some websites you track?
No, it’s enabled for your entire Eloqua install.
Things to check today: (1) ________ (2) are you tracking EU prospects? (3) Do you offer tracking opt-out? (4) Do you have a mixed install? (5) Does your privacy policy state you are dropping a cookie?
do you have an EU presence?
Things to check today: (1) do you have an EU presence? (2) _______ (3) Do you offer tracking opt-out? (4) Do you have a mixed install? (5) Does your privacy policy state you are dropping a cookie?
are you tracking EU prospects?
Things to check today: (1) do you have an EU presence? (2) are you tracking EU prospects? (3) ______ (4) Do you have a mixed install? (5) Does your privacy policy state you are dropping a cookie?
Do you offer tracking opt-out?
Things to check today: (1) do you have an EU presence? (2) are you tracking EU prospects? (3) Do you offer tracking opt-out? (4) _______ (5) Does your privacy policy state you are dropping a cookie?
Do you have a mixed install?
Things to check today: (1) do you have an EU presence? (2) are you tracking EU prospects? (3) Do you offer tracking opt-out? (4) Do you have a mixed install? (5) _____
Does your privacy policy state you are dropping a cookie?
What is meant by a mixed install?
You have a global marketing team sharing the same Eloqua database
True/False: C-28 is a private right of action available only to businesses.
False
True/False: There is no implied consent for referrals.
True.
True/False: C-28 accepts implied opt-in consent when the recipients have provided their email address directly to the sender.
True.
What does ESPC stand for?
Canada’s Email Sender and Provider Coalition.
In Canada, how long is implied consent valid for in most cases?
Two years.
Under the EU Data Reform, the __________ requires organizations to completely delete someone’s personal data if they request it.
Right to be Forgotten
The ________ proposes to create one universal set of guidelines and laws on data protection that will apply to all of the EU
EU Data Reform
Under the EU Data Reform, the ______ notification requirement would be removed
regional
Under the EU data reform, when must data breaches be reported?
Within 24 hours.
The EU Data Reform has increased stringency around ___ advertising.
behavioral advertising
Under the EU Data Reform, companies must share data on an individual on request in a _______ format.
portable
In 2012, the ________ put together a Data Breach Investigations report that was released in 2013
Verizon Enterprise RISK team
True or false: Data storage companies are more susceptible to data breach from within, and therefore they are the only ones who need to take preventative steps against data breach.
False.
According to Verizon’s 2013 Data Breach Investigations report, who was responsible for data breaches?
92% of breaches stemmed from external agents.
What types of external agents committed data breaches?
55% organized crime, 21% state-affiliated, 21% unknown, 2% Hactivists, 1% former employees
What was the motivation for state-affiliated data breaches?
Usually espionage.
We are getting better at protecting against _____ and ____.
Hackers and malware.
In 2012 there were large upticks in ____, _____, and ____ types of data breaches.
physical, social, and misuse
Physical data breach attacks encompass ____ and increased by ____ in 2012.
actual physical theft, increased by 25%
____ is the main source of social data breaches and includes tactics such as ____ and _____
Email; phishing and pretexting
When an individual lies to obtain privileged data, this is called _____
pretexting.
To prevent data breaches, smaller organizations should (1) _____, (2) change default credentials of POS systems and other Internet-facing devices (3) Use two-step verification (4) Check third-party IT vendors’ security measures
use a firewall
To prevent data breaches, smaller organizations should (1) use a firewall, (2) ______ (3) Use two-step verification (4) Check third-party IT vendors’ security measures
change default credentials of POS systems and other Internet-facing devices
To prevent data breaches, smaller organizations should (1) use a firewall, (2) change default credentials of POS systems and other Internet-facing devices (3) ______ (4) Check third-party IT vendors’ security measures
Use two-step verification
To prevent data breaches, smaller organizations should (1) use a firewall, (2) change default credentials of POS systems and other Internet-facing devices (3) Use two-step verification (4) _______
Check third-party IT vendors’ security measures
To prevent data breaches, larger organizations should (1) _____ (2) ensure all essential controls are met and regulated (3) monitor event logs (4) evaluate current threats in your industry space
eliminate unnecessary data
To prevent data breaches, larger organizations should (1) eliminate unnecessary data (2) _____ (3) monitor event logs (4) evaluate current threats in your industry space
ensure all essential controls are met and regulated
To prevent data breaches, larger organizations should (1) eliminate unnecessary data (2) ensure all essential controls are met and regulated (3) _____ (4) evaluate current threats in your industry space
monitor event logs
To prevent data breaches, larger organizations should (1) eliminate unnecessary data (2) ensure all essential controls are met and regulated (3) monitor event logs (4) ___
evaluate current threats in your industry space
By February 2014, the cost of the December 2013 retail store data breach was:
$61 million
The April 2014 ___________ took advantage of a weakness in the OpenSSL and allowed hackers to gather data from supposedly secure sites.
HeartBleed Bug
How many secure web servers were vulnerable to the HeartBleed Bug attack?
17%, or a half million
What was the worst intelligence data breach of all time?
The Snowden affair
Why did Edward Snowden have access to so much information?
Through lack of compartmentalization and security access levels
Eloqua’s ______ allow you to manage the IP addresses that are allowed to access your database.
IP address restrictions
Data Breach Law - best practices: (1) ______ (2) protect cardholder data (3) maintain Vulnerability Management program (4) access control measures (5) monitor and test networks (6) maintain information security policy
safe internal network
Data Breach Law - best practices: (1) safe internal network (2) ______ (3) maintain Vulnerability Management program (4) access control measures (5) monitor and test networks (6) maintain information security policy
protect cardholder data
Data Breach Law - best practices: (1) safe internal network (2) protect cardholder data (3) maintain a ______ (4) access control measures (5) monitor and test networks (6) maintain information security policy
Vulnerability Management program
Data Breach Law - best practices: (1) safe internal network (2) protect cardholder data (3) maintain Vulnerability Management program (4) _____ (5) monitor and test networks (6) maintain information security policy
access control measures
Data Breach Law - best practices: (1) safe internal network (2) protect cardholder data (3) maintain Vulnerability Management program (4) access control measures (5) ____ (6) maintain information security policy
monitor and test networks
Data Breach Law - best practices: (1) safe internal network (2) protect cardholder data (3) maintain Vulnerability Management program (4) access control measures (5) monitor and test networks (6) maintain _____
an information security policy
