Industry benchmark provides much-needed context to a more comprehensive understanding of how client-side code affects end-user security and data protection issues.
Gone are the days when beating out the competition on content quality, ease-of-use or price were what earned you a top spot as a leading brand or “go to” resource. Today’s digital marketplace demands a consistent, frictionless experience to consumers. However, as the role of technology and consumer data continues to expand across the digital supply chain, organizations are now forced to adopt digital security best practices to shut down third-party code risks that could dismantle your prosperity.
Third-party code is the leading digital risk, not email
What is a third-party code? Third-party code enables the delivery of today’s dynamic and sophisticated user experience. It includes code that provides features consumers see—ads, online chat, social widgets, videos—and features consumers don’t see—analytics, data management platforms, tag managers, content management, and so much more. This desired functionality is provided by external vendors; these vendors place code on your website/mobile app. Yet, while third-party code is an integral component of modern online experiences, it also poses serious risks to your broader business from both brand integrity and regulatory compliance perspectives.
Digital insights to identify digital risk
At The Media Trust, our mission is to raise awareness of the third-party code risks that exist across the digital marketplace. A key function of our endeavor involves client-side scans of websites across eight B2C sectors to identify third-party vendors and their impacts on everyday consumer interactions. Over the past six months, we continuously scanned dozens of leading B2C enterprises to uncover what third-party code risks dwell in their respective digital ecosystems. Here’s what we discovered:
Key Findings: Comprehensive average over the past six months reveals
- 91% of executing code is attributed to third-party code, up from 82% in January
- 12% of domains are new to a website each month; US Media publishers experience 18-20% monthly domain variability
- 2-3% of domains throughout 1H20 are considered high-risk, with Media publishers experiencing 5%
- 385 cookies are dropped on user devices when they access websites, trending down trend during 2Q
- 32% of cookies have a lifespan greater than 12 months
- 0.95MB is the JavaScript load time, steadily inching higher during 2Q; several sectors were more than 1MB which is considered a polite basic limit
- 4.18 seconds is the aggregate total load time, a potential starting point when evaluating viewability issues
Learn more by accessing: Industry Insights
With more than 90%, on average, of the code on these sites provided by third-parties, it’s clear that companies need to stay on top of their increased digital attack surfaces. Brand integrity, regulatory compliance, and the bottom line are at stake, and strategies need to be implemented to control unmanaged third-party code.
Unmanaged third-party code is bad for business
When third-party code isn’t managed properly, it can:
- Increase aggregate load times during user sessions which can result in lost sales, readership and decreased brand loyalty;
- Leak credit card or other personal data to hackers;
- Download unwanted programs like toolbars and extensions
- Reveal saved user preferences to competitors through tracking software;
- Deliver malware to customers during their site visits or through mobile apps;
- Hijack customers and redirect them to competitors or malicious landing pages; and
- Cause data privacy and compliance issues that can lead to fines and lost revenue.
Organizations can’t ignore the risks associated with unmanaged third-party code. Investments in resources to build the perfect customer experience and drive revenue/services can lead to unacceptable malware attacks, redirects, surreptitious collection of personal data and more.
Using these industry benchmarks, organizations can pinpoint which code is disrupting your customer experience.
Discover what digital third-party risk is unmanaged on your websites. Request a disk risk scan today.