Only Google knows exactly how many websites are using Google Analytics, yet estimates suggest as many as 30-50 million websites use the service.
In this article, I’ll discuss how you can use Google Analytics data safely and what kind of data security and privacy options you can choose within Google Analytics.
How to Use Google Analytics Data in a Secure Way
Website owners can activate an additional privacy settings function in Google Analytics called IP masking. This function removes the last number in each user’s IP address.
Of course, IP addresses aren’t visible within Google Analytics, however, these details are – when IP masking is enabled – also not used in detailed geographic reports, which makes them less accurate and more privacy-minded.
Who Has Access to Your account?
Regularly check who has access to your Google Analytics account is an incredibly simple, yet important aspect worth highlighting. Especially amongst larger businesses with a lot of people who have access to Google Analytics, it’s important to review the list of emails who have access.
You’d be surprised how many email accounts are on these lists without anyone knowing who it belongs to. For example, users who only required temporary access, people who have left the organization or previously employed third-parties.
I highly recommend to install a software tool or dedicate a person to creating a file which clearly states which emails have access, who it belongs to and the reason they were granted access.
Strong Password Usage
The importance of creating strong and unique passwords can’t be repeated enough. A weak password opens the door to all the Google Analytics data stored on your account.
If you lack the creativity to come up with a really strong password, simply use a password generator like LastPass, for example.
LastPass also offers a password manager service which will keep all of your username/email and password combinations secure. LastPass uses complete end-to-end encryption, which means that your data is stored on their server in the encrypted format – even LastPass can’t see your password!
Two-factor authentication is a highly effective method to enhance the security of your account and to keep the data on your account out of the wrong hands.
You can use two different methods to do so:
1. 2-Step Verification Tag Manager
To activate 2-Step verification, follow these steps:
- Tab on “Admin.”
- In the Account section, tab “Account Settings.”
- Select “Require 2-step verification for certain operations.”
- Hit the “Save” button.
This method can be used to improve the security of your own Google account. When you enable this feature, you can use an application called “Google Authenticator,” available in the AppStore and Google Play Store. It’ll generate a random, time-limited numeric sequence. So, you can only access your account if you have physical access to your smartphone.
Personally Create Accounts for Users
Another method to keep handle Google Analytics data in a secure way is to create specific company accounts for third-parties and other people who require access to your Google Analytics.
By doing so, it’s much easier to keep track of who has access and why. Then, you can send a one-time two-factor login key.
Data Security and Privacy Options of Google
Google analytics tracks pretty much every person that visits your website, using tracking codes that automatically collect data using the well-known “cookies.” This is being done by the Google Tag Manager tracking code installed on your website, which is a standard piece of code provided by Google. But still, it’s possible to get insight on personal information and IDs within Google Analytics. Thus, it’s important to consider how you’re going to protect this information – some options are listed in the previous paragraph.
How is Google Analytics data kept private?
Google has a ton of policies and guidelines in place to protect data and take privacy seriously. In the privacy section on Google’s website, the company states the following as to who (Google employees) have access to your data:
“Security-dedicated engineering teams at Google guard against external threats to data. Internal access to data (e.g., by employees) is limited by strict access controls (both internal policy controls and automated technical controls such as authentication, SSL, and security logs) to only those with a business need to access it.”
However, you also have a say in this, not just Google. In your Google Analytics account, you can adjust the settings and control who has access to your account’s data. You can do this within the administration area of your Google Analytics account. Simply go to “Account Settings” and select how you would like to share data with Google.
Under “Data Sharing Settings” you can enable or disable any sharing functions to your own liking. Reminder the following if you, for example, want technical support – you need to enable this data sharing function as well.