Posts Tagged ‘analytics’

Creating a dynamite campaign

Thursday, February 4th, 2010

Today I found myself in the opulent surroundings of Edinburgh’s Balmoral Hotel for a breakfast seminar, run by Precedent, on creating dynamite campaigns. The following are some of my notes.

The seminar was lead by John Campbell and Mark Baillie, and John began by considering the good, the bad and the ugly. Examples of good campaigns included:

  • Coca-Cola’s 80s/90s “Can’t Beat the Feeling” adverts – a tune that many of us still recognise today and an excellent example of strong branding.
  • The University of Birmingham’s Circle of Influence campaign to raise £60 million. Astonishingly, they’ve already reached the £50m mark, combining online strategies with a more traditional print campaign.
  • Drinkaware’s drink diary, which allows you to monitor your drinking and compare with friends, adding a social element to the mix. You can even download a phone app. I couldn’t help thinking this could backfire though – imagine people using the diary to compare how much they could drink in a week and actually trying to beat each other!
  • Volkswagen’s Fun Theory website, featuring various viral videos aimed at making people change their behaviour for the better:

John notes that common factors to all of these successes were creativity and innovation.

More on creating dynamite content

Tags: , , , , , , , , ,
Posted in main | No Comments »

My WordPress plugins

Tuesday, July 21st, 2009

Inspired by Jack Pickard’s own list, here’s a list of the WordPress plugins I currently use.

See my list of WordPress plugins

Tags: , , , , , ,
Posted in main | 1 Comment »

Google Analytics – the risks of 3rd party script

Monday, November 24th, 2008

The Register has recently reported on the potential security vulnerability of using Google Analytics, and as we use this for various sites I thought it worth exploring a little further, especially as there are wider implications around linking to any third party javascript code.

The essence of the Register’s article, Google Analytics – Yes, it is a security risk, is that any third party javascript you include on your pages could open you up to vulnerabilities. You are essentially at the mercy of the owners of that code, trusting them not to do anything malicious. And there are plenty of things they could do, including stealing session cookies and form data, or even executing a ‘cross site script proxy’ attack, which could surrender control of a user’s login session.

So how big is the risk? There are a couple of factors to consider:

Firstly, how well can the script owner be trusted? A company such as Google can probably be trusted quite a bit, although we’re not just talking about the integrity of the company’s ethics. We also need to consider how seriously they take security themselves – how stringent are their own practices? Again, we can be fairly sure that Google is pretty hot on best security practices, so the risk is relatively low. The same might not be true of other third party sites.

Secondly, how big a target is your site? The case referred to in the Register’s story was Barrack Obama’s website. That site is obviously going to be a huge target for potential hackers, with security an immensely important subject. Sites with a lower profile can reasonably be assumed to be less of a target, although the risks can still not be discounted entirely.

In a recent forum post discussing this issue, the following advice was given:

if you must use external JScript, make sure it is a trusted source, and by trusted, I don’t just mean the company and their reputation, but also their own security practises, and do not under any circumstances link 3rd party JScript to a “secured” or sensitive area of a site

This seems to be pretty sensible, and is something we will need to consider from now on, not just in relation to Google Analytics, but when looking at linking to any third party script. Better safe than sorry…

Tags: , ,
Posted in main | No Comments »