Let’s face it, building an email list can be a long and excruciating process. It takes technical know-how, some writing acumen, and a whole lot of determination. That’s why there are thousands of blogs and videos giving you “the best” tips and tricks to build a list faster than anyone else. It’s a lot of work, but for most companies the payoff is still worth all the effort. Even with dozens of marketing channels available, emails are still king in the digital realm. The Email has the highest conversion rate, it outperforms social media for lead generation by 40% and typically provides a $38 return on investment for every $1 spent. And most importantly, email is likely the core communication channel for your entire organization. 

So just consider how you would feel if all the data and information, that you collected using lead generation methods, were all wiped out in a manner of seconds? And you couldn’t get it back. For Mailchimp users, this experience is an on-going one.

Know Your Risks

Mailchimp is one of the top email automation platforms on the planet. In 2017 they claimed to have over 20 million customers and have begun acquiring companies in the hopes of expanding their offerings. This continued success is fantastic for Mailchimp devouts but also makes everyone a more attractive target for cybercriminals. Think of all the personal and sensitive information you have collected on existing and potential customers. Names, addresses, phone numbers, passwords (which people often used in other places), and maybe even billing or credit card info. This is a goldmine of data for people who know how to grab it and use it to their advantage. 

Security experts see an explosive growth of cyber attackson small businesses, with 70% being targeted during 2018. Incidents of ransomware are also on a dramatic rise with a 500% increase over this time last year. Although these stats apply to websites, cybercriminals are moving into other software applications, like email automation, and Mailchimp is not immune. Mailchimp recently had to crack down on criminals hacking into accounts and sending malware-laced emails.

There is another, more innocent way your Mailchimp world can come crashing down the human error. And the most common scenario is accidentally deleting something (like your email list), which unfortunately you may not be able to recover. This is precisely what happened to Chanie Hyde at BugHerd. She accidentally deleted 40,000 emails when she was cleaning up her lists. But you can also lose data when you make changes to other areas of Mailchimp. And unless you have a manual backup of this data, it’s gone for good after a deletion.

One of the misconceptions about cloud platforms is that they “save everything,” which isn’t entirely true. The majority of Software-as-a-Service companies follow something called the “Shared Responsibility Model” when it comes to data protection. This means Mailchimp protects the infrastructure that powers its software. However, you are responsible for backing up and securing your own account-level data.

We know it sounds dire; hackers are after you, the cloud isn’t the safety net you thought it was, and all your data can be wiped in a heartbeat. There is hope, though. Thankfully some simple strategies can ensure your Mailchimp account is secure and can be restored with just a few keystrokes.

How to Protect Yourself

Keep Your Account on Lockdown: We all do it; create simple, easy to remember passwords. And we mentioned earlier about how people reuse the same ones over and over again. Sure, this shortcut helps you in your day-to-day, but it’s also a big help for hackers as well. With weak passwords, your account is vulnerable in a few ways. People can gain access by social engineering, brute force, or a dictionary blast. As a refresher, here are the best practices for creating a solid password:

1. Make a password at least 12 characters long
2. Use a random mix of uppercase & lowercase letters, and include numbers or symbols 
3. DO NOT use any names of family members, friends or pets 
4. DO NOT use birth dates, phone numbers, postal codes or any other numbers associated with you 
5. DO NOT let web browsers “remember” you passwords 
6. Make a password impossible to remember

We understand this causes more work, especially when having to create unique passwords for all users. To help with this, we recommend using a password manager like 1Password or LastPass. 

Be Strict About Who Has Access:  A password is as personal as your house keys. Give it up and you compromise your safety. Never ever share a password or use a common login. Each user should be given their own account. Again, it’s common sense, but something many of us are still guilty of doing. 

Be Careful About Integration Access: Using third-party apps can make your life WAY easier, helping with everything from analytics, to billing, design, and more. However, it’s worth auditing and reviewing what level of access you are trading for these benefits. Every time you add an integration, you are increasing the risk that your data ‘could’ be manipulated or edited in a manner out of your control. We are not saying these third-party apps have nefarious intentions, but we have seen occasions where some third-party software made changes on their end, and it wreaked havoc on the main account’s data and settings. It’s worth understanding the ways the apps you currently use (or would like to use) can access your data. 

Use Two-Factor Authentication: It would be great to guarantee your account’s security, with all the above safeguards in place, but that’s not realistic. The possibility exists that someone can steal your password and compromise your account. With two-step authentication, which involves generating a unique code on your mobile device, you can ensure that only verified people are accessing your Mailchimp account.

Backup Your Data: All the above tactics will help mitigate the chances of nefarious parties hijacking your email list. Yet, it still won’t prevent humans from making mistakes and causing a data disaster. Many account owners choose to backup manually by saving dozens of CSV files. This method has its limitations, though, as you won’t be able to save all key data. And importing all the raw data back into Mailchimp can be time-consuming.

The easiest solution is a third-party application, like Rewind, which automates the entire process. You can save time as well as eliminate the stress of trying to get everything back the way it was and is free for accounts with under 4000 subscribers.

Conclusion

Your Mailchimp list may be one of the most important digital assets you have.  Having security and backup strategies in place is the best insurance policy. A quick recap:

• Use unique and strong passwords
• Only give access to the right people
• Always review and audit third-party integrations
• Use two-factor authentication 
• Have a backup strategy in place 

It may take extra work to keep your account protected. But it’s worth the headaches caused by a cyber attack and weeks or months it may take to recover.