So I got this email a couple of weeks ago from a vendor we'll call the Television Sales Network, which was odd, as I'm pretty sure that the only time I ever bought anything from the Television Sales Network was around 1994. My first thought was, "Golly, that's some serious data mining; these guys must be desperate," but then I read the email.
So I sent them back an email in response, as I thought I might be able to offer some useful advice. It ran something like this:
"Nice work, elbows. [It might have been some other body part, I forget—anatomy's never been my long suit.] Just in case it might be of value to you in the future, let me tell you my customer email story.
"Now, like you, I didn't want to have to manage an email server, so I looked around at services that would handle the emailing for me. Of course, they couldn't do the job without my giving them my subscriber email addresses, so I asked how they'd protect those addresses. They all basically said, 'Hey, don't worry, we've got highly trained professionals, those emails are as safe as houses.' Realizing that my subscribers would be somewhat annoyed if those email addresses somehow found their way to the spammers of the world and that annoyed subscribers would probably not ever buy products from me—I credit this insight to the two years that I spent in graduate school getting my first Masters' degree in public management—I asked them for some kind of structure of compensatory damages, should such a breach occur. They demurred (which is to say that they chuckled patronizingly—understanding phrases like 'demurred' were another benefit of graduate school), explaining that no one would offer that sort of thing, so I had no choice but to do the emails myself, and so wrote a bunch of code that let me manage broadcast emails. No Epsilon, no breaches.
"My suggestion, if I may offer it, is that next time—assuming that you have enough customers left for there to be a next time—back up your promises with a well-paid in-house staff. Then you can manage them directly, maybe hire some penetration testers every other year or so, and yes, it will cost some money, but you'll never have that yucky sensation you're feeling now, as nobody likes egg on their face.
"I hope this helps. Best of luck in your next venture and hey, would you do me a favor? Take my name and my email off your lists and never, ever contact me again. Thanks!"More from Mark Minasi:
- Adding Windows PE to Your Windows 7 System
- Chasing Cloud Computing Quality: It’s Not a Time for Toothless SLAs
- Not Every App Is a Cloud App, But Some Are