Is Google Analytics Secure to Track Business Application Usage? - google-analytics

I have recently been required to implement some Usage Tracking to a web-based Business Application. Basically what needs to be tracked is what pages in the application are being used and for how long users stay on those pages. The application is hosted on the internet and is HTML/JavaScript.
I could use Google Analytics to track page views, visits and browser capabilities, but is it secure enough to use for business applications?
Does anyone else use Google Analytics to track web-based business application usage? Or do you have some thoughts on this?
Also, I couldn't find anything from Google specifically stating whether this is a good or bad thing to do.

It depends what you want to be secure.
Gathered data, if you trust Google, is pretty secure.
However, Analytics data can be tampered with. Someone can read your Analytics ID from page source (or HTTP traffic) and submit fake pageviews, events, change custom variables, etc.

Related

What is the best practice for setting up new Web+App Google Analytics?

I have two properties I would like to track via Google Analytics:
1. A cross-platform web-app - I currently have this connected to Google Analytics new App+Web implementation.
2. A marketing website that drives leads to the web-app - I currently have this connected to a separate property with the traditional Google Analytics implementation.
My question is, is it best practice to connect my marketing website to the same App+Web property as my web-app via a new data stream? or should I keep them separate?
It is my understanding that the App+Web is meant to connect all your platforms in one property, I'm just not clear if this should include a marketing website or not.
I would like to be able to track events between the marketing site and the web app, which is why I'm considering have them both under one property.
Thanks!
-Zach
I think you can do this as it will be more convenient for you, you can track it in two different streams. I think it will be more purely about data.
In Google Data Studio reports, you can always combine all the data and conversions that you set up into a single live report. I think this help might help.
I always use different Google Analytics streams for apps and different sites, so it's easier for me to track, and in Google Data Studio I collect all the data from Analytics, call tracking, and user session recording tools in one unit for comprehensive data analysis

Integrating Google Analytics Report for Behavior Targeting

I would like to retrieve visitor behavior data from Google Analytics on my site. For example, detecting New Visitor or Returning Visitor so i can manage different Site Messages. If i can get the user data metrix, i think we could do a lot of stuff for marketing purpose
I know we can implement our own cookies, but what we had in Google Analytics is more than enough if its accessible, why re-invent the wheel ?
So hope you guys can give me insight if my inquiry is applicable
Unfortunately, you cannot do this with Google Analytics.
You can look at tools such as Google Optimize or Optimizely for personalization, A/B testing.

Disable analytics for iframe

The website uses embed Youtube videos, Slide Shares, Open Table Widgets that become iframes. According to the new law about GDPR we need to ask user's consent for tracking his activity. But how then I can use these components and at the same time disable analytics that comes automatically from these iframes?
It's very difficult to reconcile any kind of tracking with GDPR. If the frame you're loading does not provide privacy controls of its own, you would need to acquire the relevant consent before loading the iframe at all, which you can do via Javascript loaded from your own site.
As a workaround, you could proxy the services and strip tracking cookies and scripts before they ever reach the end user. I've done this before.
The privacy-friendly approach is to not use services that track users in the first place, and then you have nothing to worry about. Sadly this is easier said than done, since the vast majority of such services' entire business model relies on tracking people.

System design - Google Analytics

I'm working on the architecture for a project that includes a Android and iOS apps and a web interface with a subset of the mobile apps functionalities. The project is basically a e-commerce solution. In all three interfaces I'm using Google Analytics to track some information. However I'm having an internal discussion about the extent of the information I should send to GA. What should I store in GA and what should I store in my own server?
Let me give you some examples.
Session tracking is clearly something that belong to GA.
ProductDetailViews. Sounds like something that should go into GA, specially considering the enhanced e-commerce module.
Shared item. When a user shares some content over a social network, should I store that information on GA or in my own server? I'm inclined to GA but it becomes more ambiguos.
Do you see my point? Can someone share a general rule or recommendation on what should be saved in GA and what should be saved on the projects own server?
Thanks
For those examples I would generally send all the hits to Google Analytics. Here are a few reasons:
Preventing data silos. You want all of your data in one place and Google provides you with a database reachable via the API where you can keep all your data organised in one place. This is important when you are considering measuring performance, as you want to avoid duplication of conversions or traffic hits
Useage of Google Analytics advanced segments. With all your data in GA, you will be able to create advanced segments for analysis. But the real power is if you are using AdWords or retargeting, as you can send those Advanced Segments to AdWords, and target those users around the web with your custom data
Single point of reference for users All analytics are inaccurate, but you want to make sure they are inaccurate to the same degree. Using GA keeps all your data on the same playing field
Usability and Freedom of information Its easier to serve up your data to users within the GA interface as people are more likely to know how to navigate that than your database. You can also use the GA API to pull out any data you need to push into other visualisation tools.
User session merging With your data and userID tracking in GA, you may be able to track users as they arrive via mobile to desktop and back again, over multiple sessions.
What you need to avoid putting in to Google Analytics is personal info such as names, email address etc. There are against the TOS. But you can capture a unique userID, and match that outside of the tool later.

Can we use google analytics for Internal website?

I have an Intranet application which is accessible from within company firewall. To track some specific pages, I want to implement Google Analytics in my Intranet application. This application is accessible from outside only when user system has some specific certificate installed.
Is it possible to implement Google Analytics in my Intranet application?
Will this Google analytics work inside company firewall?
How Google analytics work i.e. what is the actual flow of google analytics?
Yes, Google analytics can be used for internal web applications too. Please visit this URL which will clear your doubts. If you click on the given link and able to access analytics.js file from your internal network you can use Google analytics for your internal applications protected from corporate firewall.
Please note that after implementation, tracking data would be available around 24 hours only. So, you need to wait for 24 hours first. Even if you are not able to view the tracking data, please visit this link. You will find the possible reasons behind not working your analytics code.
In order for Analytics to generate reports for your corporate intranet
usage, your corporate network must be able to reach the Analytics
JavaScript file (analytics.js).
...
Your intranet must also be accessible
through a fully qualified domain name such as
http:// intranet.example.com. The Analytics JavaScript won't work if
your intranet can only be accessed using a domain name that isn't
fully qualified, such as http:// intranet
Ref: https://support.google.com/analytics/answer/1009688?hl=en
In your example, if a person without the certificate you mentioned can still reach the domain (that is, there is a public DNS entry for the domain name) even if they get an 'access denied' or similar message, the tracking should still work.
Google Analytics is Software as a Service and runs on the Google Servers. If your clients cannot reach the Google server than you cannot send tracking data and Google Analytics will not show anything. You may need to adjust your firewall rules to let calls to the Analytics servers pass (are you that you want a third party javascript to send data from your intranet to the internet, though ? There might be legal ramifications, too, after all implementing a script basically means to hand control of the clients to a third party).
If the server for your intranet is connected to the internet you could collect all hits in a log and pipe this to Google Analytics.
However Google Analytics might not be the best choice. You most certainly do not need campaign data, you probably do not have ecommerce in your company and depending on your type of company geo data and technology data might not be relevant (after all you probably know what computers your employees use and where they are). And for a page counter a self hosted solution will do just as well.
Google Analytics requires that you place a script on each page you wish to track. Whenever a page with the script is loaded, the script runs and sends data to GA, so your users must be connected to the internet as well as the intranet for their usage statistics to register. One security issue to consider is the titles of your intranet's pages will be sent externally across the intranet, which your IT security may have an issue with.
For basic intranet analytics, I'd recommend starting with Piwik which is open source and installs on your server.
It will give you a lot of initial usage data and if your customer decides they want more, you can look into more sophisticated products.

Resources