Media Trust CEO: Most of what happens on your web site is not controlled by you

And this third-party code, says Chris Olson, results in dozens of cookies for each user, security vulnerabilities and performance hits.

Chat with MarTechBot

Programming Code Fujpoz/p>

“Most companies are still afraid of everyone’s web site but their own.”

In other words, The Media Trust CEO Chris Olson told me recently, most brands are focused on competitors’ threats, when they should first be looking at the threats in their own sites and apps.

The upcoming General Data Protection Regulation (GDPR), he added, will show them that they “have to be afraid of their own assets.”

His company helps web sites and app publishers with ad verification and regulatory compliance. To do that, The Media Trust pulls back the curtain and lets publishers see the dozens, if not hundreds, of third-party software programs that are running in their properties.

This includes cloud-based content management systems, ad platforms, tag management systems, personalization services, analytics vendors, geolocation providers and so on. And those services are calling other services.

Olson estimates that perhaps only ten percent of the code that renders on a typical brand’s site was actually developed by that brand. The rest is third-party.

‘Haven’t really known you’

New clients are often entirely focused on their own code and the resulting data, he said, until The Media Trust shows how many third-party providers are living in their houses, so to speak.

With so many outsiders in your property, Olson noted that GDPR compliance needs to take into account whether those vendors are compliant. And the same for compliance with HIPPA or COPPA, or for protecting against malware and bots.

Most of the regulatory violations — including, he predicts, most of the GDPR violations — come from bad practices or outright malicious activity by third-party providers.

Other issues include page loading issues and vulnerabilities to malware. As an example, he noted that both of the recent Equifax data losses involved, at least in part, vulnerabilities in third-party code.

“If an enterprise doesn’t know who they do business with,” he said, “that’s where the violations come from.”

While The Media Trust and similar firms provide assistance for monitoring outside code executing on a brand’s property, Olson agreed that the current smattering of best practices, protocols and standards could eventually become a kind of certificate or seal that your third-party providers apply for, not unlike how the Trustworthy Accountability Group (TAG) is now providing its imprimatur to fight fraud among ad providers.

In effect, Olson said, brands need to tell their third-party providers: “For years, I haven’t really known you, but now we have to be compliant together.”

Opinions expressed in this article are those of the guest author and not necessarily MarTech. Staff authors are listed here.

About the author

Barry Levine
Barry Levine covers marketing technology for Third Door Media. Previously, he covered this space as a Senior Writer for VentureBeat, and he has written about these and other tech subjects for such publications as CMSWire and NewsFactor. He founded and led the web site/unit at PBS station Thirteen/WNET; worked as an online Senior Producer/writer for Viacom; created a successful interactive game, PLAY IT BY EAR: The First CD Game; founded and led an independent film showcase, CENTER SCREEN, based at Harvard and M.I.T.; and served over five years as a consultant to the M.I.T. Media Lab. You can find him at LinkedIn, and on Twitter at xBarryLevine.

Get the must-read newsletter for marketers.