Sentinel Insights wasn’t born in a product lab or a startup factory. It came out of real-world work. Before we launched the platform, we were a team responsible for tag management and consent governance across a sprawling enterprise MarTech stack for a Fortune 500 financial services firm.
The company had more than 100 websites, hundreds of vendors, and four business units, each with distinct needs. We were brought in to fix what was broken, to harden their consent posture, and prevent what kept going wrong in their marketing technology ecosystem.
At first glance, our team’s mission seemed simple: deploy Tealium as the tag management system and OneTrust as the consent management platform. But there is a ton of nuance hidden in the details. We needed to work with IT to clean up hardcoded tags, help marketing get the tools, data, and strategies they needed, and partner with legal to define what data collection and consent enforcement actually meant in practice.
What began as a simple tool rollout became a comprehensive MarTech governance program. It also became the basis for what we later built into Sentinel Insights.
We Were Solving for Scale
The ecosystem spanned public marketing pages, authenticated account portals, and internal tools. Some were hosted on domains with limited access. Many were agency-built with no consistent structure. Most had rotating developers and little institutional memory. And none of them had a consistent tagging structure or data layer architecture. Testing the MarTech stack either didn’t occur before our team entered the scene, or if it was done, it was not performed by experts in those tools.
Our team was commissioned to migrate all tags into Tealium and deploy the OneTrust CMP across marketing sites, establishing governance where none existed. Then, we connected the two across multiple domains to implement a robust data collection and consent management practice. Along the way, we provided architectural guidance to IT teams so they could build a data layer that was scalable enough to support marketing’s wildest dreams.
We worked around enterprise release cycles. Supported an 18-month CMS migration. Stayed up to ungodly hours to test the MarTech stack once data layer changes hit production. Created and maintained testing tools just to keep up. It was chaotic. But it was the kind of challenge our team was built for.
And what did we find? That even the best MarTech teams can’t keep up with the pace of innovation. We still found consent gaps, broken tags, and busted reports. So we built Sentinel Insights to solve it.
Five Challenges That Changed How We Work
We learned the hard way where most governance practices fall short. These five issues shaped how we approached the problem, and how we built our solution.
Consent Violations Were Hard to Catch
Even with a CMP in place, verifying real-world behavior was difficult. It’s a common misconception that you can add a cookie banner to a site, and voila, you’re good. That’s not the case. It’s much more complicated than that. For example, at our organization, legal wanted all tracking disabled for EU users, but CMP logic didn’t always execute as expected. CCPA added layers of complexity, with vague guidance and evolving interpretations leading to manual testing protocols that were inconsistent and hard to scale. Meanwhile, IT teams regularly bypassed the TMS, adding tags directly into page templates; as a result, many marketing technologies fired outside of the TMS’s control. We tried to keep up with manual checks and synthetic scanning tools, but these gaps continued to pop up with alarming regularity.
Cross-Domain Consent Was Tough To Maintain
Each business unit had its own set of highly customized web properties. Some used subdomains or different domains altogether. We identified early on that consent preferences weren’t reliably shared across all of the websites our company operated. This meant that a user could opt out on one site and be tracked again a few clicks later. We couldn’t rely on the CMP to fix this. We had to design and test a custom implementation to maintain consistency.
Tag Visibility Was Incomplete
Tealium gave us visibility into what tags we had deployed… as long as it was done through Tealium. It didn’t account for piggybacked tags or hardcoded scripts though. It also didn’t account for any pages that didn’t include the Tealium script – how could we govern something we didn’t know about? We built our own page scanners, but they were brittle and resource-intensive. Tags (and sometimes even whole microsites) appeared without notice. Some vendors silently injected others. We had no reliable way to see what was actually executing in production, based on real user behavior.
The Data Layer Was Easy to Break
Most of the marketing technologies in use relied on a clean, stable data layer. But we weren’t the ones updating it. Because they owned the data layer, IT teams could rename keys, drop values, or change structures. They didn’t always inform us of these changes, and as a result, tags would silently fail. Reports would break. Campaigns would underperform. We created validation scripts, but even those couldn’t catch every issue. It was impossible to keep up with, and took ages to track down issues, especially when the update wasn’t something that we had control over or awareness of.
Stakeholders Had Different Mental Models
Marketing cared about attribution and performance. Legal cared about compliance and risk mitigation. Engineering cared about uptime and speed. Each team had a different vocabulary, and a different threshold for risk. Part of our job was providing translation services. We had to take a technical finding or come up with a recommended plan of action and explain it in three different ways, so everyone could understand and come on board.
What Sentinel Insights Does
Sentinel Insights continuously monitors your stack for consent violations, data layer breaks, and unauthorized tag behavior, surfacing risks other tools miss. It works with your CMP and TMS to identify violations that other technologies cannot detect.
The platform surfaces:
- Tags that fire without consent
- Cookies deployed outside approved frameworks
- Hardcoded scripts
- Gaps in consent handoffs across domains
- Breaks in the data layer
- Technology behavior that diverges from policy
Teams can review findings in a centralized dashboard, get alerts on violations, and share issue-specific reports with legal, marketing, or engineering.
What We Recommend to Teams Today
Most governance programs are still built around audits. That’s not enough. Here’s what we believe every team should be doing.
- Monitor, Don’t Just Audit
Point-in-time audits are outdated the moment something changes – and if you’ve ever worked in marketing technology, you know: change is constant. Real governance requires continuous observation. - Validate Real Consent Scenarios
Look at what actually happens when a user opts out, accepts, or ignores your consent prompt. Don’t assume your CMP and TMS are working together. - Know Where Tags Come From
Not every tag in your stack is managed by your tag manager. Piggybacked and hardcoded scripts often escape governance entirely. They’re also likely to introduce risk. You should know when and where they are firing. - Defend the Data Layer
If it breaks, everything downstream suffers and the ROI of your MarTech stack drops like a rock. Validate it regularly. Don’t wait for your reports to break. - Build a Shared Operating Model
Our governance council brought together marketing, legal, and IT – each with its own lens on risk and accountability. Engineers needed technical diagnostics. Legal needed audit-ready evidence. Marketing needed assurance that performance tracking and campaign decisions were based on accurate and compliant data. Governance only worked when we could translate findings into terms each team could use and act on.
The Bottom Line
Technical fixes alone won’t solve governance. The real challenge is operational. Teams need shared visibility, reliable data, and clear accountability. And they need it in a form they can understand and act on.
We built Sentinel Insights because we needed those things ourselves. The platform is designed to surface problems in real time, provide visibility into real consent failure scenarios, and deliver insights each team can use.
Want to see it in action?
Run a free consent compliance check or book a demo to see what’s actually happening on your site.
