Data security

Expert Interview Series: IT Consultant Denny Cherry on the Cloud and Data-Driven Marketing

Denny Cherry has over a decade of experience managing SQL Server and is currently a Principal Consultant for Denny Cherry & Associates Consulting.

We recently talked to Denny about the relationship between IT and marketing, such as data-driven marketing and data security. Here’s what he shared:

Can you tell us about your tech background and expertise? How has your career evolved since you got started as a consultant?

I’ve been working with Microsoft SQL Server for over 17 years now. Through my career I’ve worked on some of the largest SQL Server installations as well as some of the busiest. Over the years there has been a massive change in technology. When I started with Microsoft SQL Server it was still a plucky up and comer in the database world, and it was just a database and that was basically it. Today the SQL Server product is a massive suite of services that do much more than just store data.

Back when I started working in IT the thought of storing company data on the Internet (now we know it as “The Cloud”) was unheard of. If I walked into a VP’s office back then and said that we’d be storing confidential, proprietary data in VMs in the cloud, or handing that data off to a service which is fully managed by another company I would have been laughed out of the room.

These days that’s about half my job. Talking to executives and talking them through the process of moving data and systems into the cloud. The other half of my job these days is actually doing the migrations (and making systems run faster).

What types of help are your clients asking for these days? What are the common pain points or frustrations you’re coming across?

The biggest pain points that we see these days are performance. If systems are on-premises then it’s a matter of finding the performance bottleneck just like we’ve always done. We then work through that bottleneck and move on to the next one.

When the customers are in the cloud we just need to add on a step of “was the cloud configured correctly to begin with? If not we’ll start there. And more times than not it isn’t configured correctly. Usually because it’s configured by someone who doesn’t know the nuances of setting systems up in a cloud-based system. There are some distinct differences that have to be handled early on otherwise performance later will suffer. From there it’s all about performance tuning.

What would you love to see more of your clients do with regards to IT to better prepare their organizations for the future?

The biggest change that I’d love to see from more clients is an embrace of the cloud. Ignore all the marketing talk of infinite scale and fast deployment. Just look at the hard dollars spent buying hardware every three years and the amount of staff time and salary it takes to move things from the old hardware to new hardware every year. All that just goes away with the cloud when running inside VMs. If you can move things from IaaS VMs to PaaS services then things can get even easier and cheaper as there’s less VMs to manage.

Can you talk a little bit about the relationship between IT and marketing today? How has this relationship evolved in the past five years?

IT and marketing have a very interesting relationship. Marketing’s job is to put information out there so that people can access it 24×7, and it needs to be available quickly. IT’s job is to safe guard the data, while making sure that it’s available that 24×7 that the marketing team needs. But the IT team needs to do this with smaller and smaller budgets every year.

From the external marketing point of view it’s a more standard relationship. Marketing at company X is trying to sell some hardware or software package to the IT team. And the IT team needs to figure out if the solution being sold can really do what they say that it can do, usually without buying it and without spending any money.

What have been the biggest challenges facing organizations adapting to an age of more data-driven marketing?

I think that the biggest challenges that organizations are facing when it comes to data driven marketing is making sure that they understand the data that they have so that they are making the correct decisions based on that data. Often, I see people that think they know what the data they have means, but because of some business process that was put into place 20 years ago (or more) the data actually means something completely different from what they think they see.

What have you found are the most useful tools for businesses for managing data and for using it effectively and efficiently for marketing?

One of the most powerful tools that I’m seeing right now is PowerBI from Microsoft. It allows people to see their data in various different ways just by dragging and dropping objects around in Excel. It lets people keep using a tool that they know how to use today but by giving it a server in the background to process the data while allowing the user to keep using the most well known business tool on Earth today, Excel.

What should organizations be doing to secure their data today?

The biggest thing that organizations need to do to secure their data, is take security seriously, up front before something happens. There’s lots of things in IT and in business that can be solved after the fact. Data security (and security in general) isn’t one of them. Once someone has access to the organization’s data, that data is in that person’s hands forever. Things like Multi-Factor Authentication should be the norm for any system that is being accessed from the outside world. Users need to be trained to never give usernames and passwords out over the phone, even if the person calling says that it’s OK to give out that information.

What are the most common mistakes you see organizations making with regards to their data security? What are they risking by not staying ahead of data security?

The biggest mistake that I’ve seen when it comes to security over the years is not budgeting for security, and not allowing time to handle security issues during the development process. Thinking that you’ll be able to deal with security issues later, or in a future release of the software is just careless and dangerous.

Additionally code reviews should be done for all systems that accept user inputs, especially older systems that have been in place for years, to ensure that all the values are accepted and handled properly to prevent SQL Injection attacks.

Users need to be trained so that they can spot social engineers to prevent credentials from being released to an attacker. This includes being able to spot phishing emails and being able to identify phone calls where people are attempting to gather information about the environment.

What IT trends, headlines or innovations are you following today? Why do they interest you?

The two IT Trends that I’ve been watching recently has been the cloud and the Internet of Things (IoT). These areas are just exploding at the moment with huge innovations by various venders doing some really interesting things with this technology. It’s amazing to be able to design the backend solutions for these so that they can scale from 100 users at night to 100 million users during the day without any adverse impact, while keeping the solution as inexpensive and flexible as possible.

Get a full picture of the current health and completeness of your marketing database. Get a free data assessment from ReachForce.