[dmix]

> This data is used by our product, marketing, and customer success teams

It always seems to be the marketing analytics data that's wide open for 'hackers'.

You could spend all day building a secure DB and application architecture then have the marketing team upload analytics for everything onto some random insecure service.

Maybe the marketing/data teams need to get some security lessons as part of their training the way programmers learn?

[anonymousjunior]

Segment actually does a pretty fantastic job onboarding new personnel and funneling them through security training. Recently gave a great talk here at the Bay Area OWASP meetup about how they've gamified security awareness training with an internal leaderboard and random CTF challenges.