How to Use Role-Based Access Control With Marketing Automation
You made it but how do you control it?
I’m not talking about Frankenstein’s monster, of course. I’m talking about your marketing automation system.
Access control is one of the lesser talked about aspects of marketing automation. A system that’s designed to work on autopilot also needs an access system that’s sufficiently automated.
One way to do this is by creating role-based access controls. This removes the individual from the system and allows it to be endlessly scalable.
I’ll talk about role-based access control in this guide, and how to use them in your automation system.
Why Access Management Matters
A marketing automation system (or any other automation system for that matter) is designed to scale by default.
After all, if you were going to control every aspect of the system manually, you’d just hire someone instead of using automation.
As this system grows and adds more users, it becomes increasingly difficult to control access to data and documents. Maybe you hired a new designer. Can this designer access all your company’s documents? Or does she get access to only documents within the design department?
Complicating things further is departures from the company. Maybe the marketer who set up the system leaves. How do you ensure that all his data and access rights are transitioned smoothly?
Think of all the ways a company might use an automated system. Maybe you’re using it to send automated messages to new leads. Or maybe you’re using it to send weekly project status reports to clients.
For this to be effective, you need to figure out which people have access to which data. Who can create templates and set up automation rules? Who can delete them?
As an organization grows, so does its complexity and exposure to security lapses. A user accessing documents beyond his brief, or another user creating duplicate documents can lead to over-complication while also making you vulnerable to data/IP theft.
This is why you must think of access control when you design your marketing automation system.
5 Key Access Control Issues in Automated Systems
To design a successful and scalable automated system, you have to be aware of the issues that usually crop up in it.
The five biggest concerns you need to take into account are:
1. Overwritten data
Any automated system that uses templates would already have some fields pre-filled. Maybe they are filled by default, or maybe they’re filled by the user himself when he first enters the system (such as a lead filling in his email address into a form).
What you have to look out for is data overwriting. That is, when the user is presented with the same form again, you want to ensure that he can’t change pre-filled data.
One way to do that is through data field security. This allows you to block certain data fields from being edited by anyone apart from the admin. Use it for data you never want to be overwritten, such as your company name on a template.
2. Ownership control and transfer
In any automated system, the person who first creates a document also gets its ownership.
What happens if this person were to leave the company? How does the ownership change in such a case? Who does it change to?
Ideally, you want to have established protocols for document ownership and transfer when a role is created, merged or removed. This should also dictate whether ownership rolls up to a senior position, or waits “in limbo” for a similar role to take over.
For instance, if your marketing manager leaves the company, should his boss get ownership of the documents, or should it transfer to the next marketing manager you hire?
Think about these questions when you first design your automation system.
3. Controlling access privileges
In any large organization, you’ll have multiple people trying to access the same document. Some of these will be within the same team, some within the same department, and some will be outside contractors.
You obviously can’t give all these people equal access and control over your data. People within the same team should be able to view everything, but you only want to give viewing privileges to third-party stakeholders.
Think deeply about who gets to control the privilege to access or edit data. Is this privilege tied to a role (say, “project team leader”) or organizational position (“director of marketing”)? If you were to revoke access, how would you communicate it, and how can someone appeal against it?
Any successful automation system is built on integrations – with CRMs, email tools, project management software, etc.
Controlling access for individual integrations can be a challenge. Some tools will want editing privileges for the integration to be succesful. Others will ask for view-only privileges.
What makes things even more complicated is that different tools will ask for data in different forms. This can create a nightmarish scenario where you’re changing the data at origin for each integration to work, producing multiple “versions of truth”.
So besides access privileges, think about data standardization. Change the way your data is stored such that a single record can be reused by multiple tools. This is crucial for your integrations to be successful.
5. Document search and duplication
As an automation system grows, you’ll quickly find that people run into two related problems: They struggle to find the documents they want. And when they can’t find them, they create new ones from scratch.
This can quickly lead to a massive duplication problem. Different people might create different versions of the same document, thinking that theirs is the only one.
The solution to this problem is two fold:
Making document search easier, faster, and better. This will ensure that people are able to find what they need quickly.
Active checks for duplicate data. Any time someone creates a new document or data field, the system should check for similar documents that already exist.
Defining Roles and Access
Once you’ve thought about all the above issues, you can start defining your roles and access rights.
Broadly, you’ll want four type of access rights:
- Owner or administrator: Has full control over the system, including creating new documents or deleting existing ones.
- Creator: Can create new documents, but can’t delete existing ones. Also can’t create new roles or change access settings.
- Editor: Can edit existing documents, but can’t create or delete existing ones.
- Read-only: Can only read existing documents, but can’t edit, create, or delete them.
You’ll want different people within a team, department, or the organization to have different levels of access to separate parts of the system. Some people might have full access to one system, but only have read-only privileges to another.
For instance, a designer might have creation privileges for design-related documents. But for the analytics tool, she might only have read-only rights.
Thus, for each individual and system, define their level of access. I suggest using a spreadsheet like this: