In a recent article by the Event Manager Blog, the post discussed the Coachella music festival website data breach earlier this year which led to hundreds of thousands of people’s personal information ending up in the wrong hands. (http://bit.ly/2nHgnpE ) Such an event data breach is certainly an event professional’s worst nightmare. Although you can’t always prevent very determined cyber hackers from stealing personal and financial information, you can make every effort to make your event data as secure as possible,
From retailers and banks to tech companies and Hollywood movie studios, data has been exposed as crackable, hackable and exploitable. Your event data is just as vulnerable. With today’s events reaching thousands or even millions of people, event data breaches become more possible.
How can event data hackers access event attendees’ personal information? Opportunities to collect event data are everywhere at events including pre-event emails, registration systems (online and onsite), interactive technologies especially those using unsecured Wi-Fi, mobile apps, insufficient event tech provider security.
… And the list goes on. Event data brings incredible insights and measurement capabilities to event professionals. However, with the industry overflowing in information, we now also have the responsibility of protecting it.
Although such breaches are unlikely to be problems, you still don’t want the fear of an event data breach of your attendees’ personal information to keep you awake at night. Safeguarding event data is key, but how?
Make Your Event Data Safe by Watching Your Emails
It’s fast, it’s easy, it’s convenient. It’s also a great way for you to accidentally let attendees’ personal information and event data flow into the wrong hands. Most of us conduct our event planning and management via emails because of its speed of delivery and efficiency. We are not suggesting you stop using email for your events – that would be ridiculous. We are suggesting, however, you think twice about what attendee information and event data – such as lists, invoices, and reports – you are sharing in an email and who you are sharing the information with.
Don’t put anything in an email that you wouldn’t share openly in the least secure manner. If you don’t need to email it, don’t – try walking over to your colleague’s office or use the phone to call your partners, stakeholders or tech provider with event data.
What about Those Passwords and Your Event Data?
In a world where cybersecurity and identity theft are on everyone’s radar, it is amazing how many event professionals are lax in password protection protocols. We all understand strong passwords are critical but once in place, very few event professionals set up a schedule to change and update their event system passwords regularly. To you this screams “hassle!” To event data thieves this screams “access!”
Password changes are usually done under the direction of the IT person and can range from 90, 180 or once a year. Best practices for how often vary but it is good to make it happen, especially when there is a change in personnel or when an event data breach, no matter how minor, has occurred.
Are you in the habit of sharing your passwords with colleagues? Guilty too. It’s often quick and easy but sharing passwords even with members of your own team can lead to intentional or unintentional breakdowns in security of event data, especially the critical financial information.
Make sure you know who on your event team has access to your event system and event data. Monitor and possibly restrict access or create multi-level access processes as necessary. And be sure to cut access immediately to those employees who leave your company or organization as well as former vendors or stakeholders.
Is the thought of managing passwords making you feel stressed? Remembering your personal passwords is hard enough but now adding those you have at the office can seem overwhelming. Then try one of many password manager options available to help you out, like LastPass or 1Password that help pick random passwords and synchronize them across many devices.
Moving Event Data Around – Printing and Using USB Devices
Having event data in hard copy print form or moving it around on USB devices greatly increases the chances of it getting lost, stolen or compromised. It is best not to use such methods. Cut out the need to print out materials or transfer between systems with a USB device by integrating event data with all the other systems you use for your events so that it is automatically updated in all systems.
This is particularly important while onsite at events. Don’t leave registration lists or electronic devices like laptops, tablets or smartphones unattended. Make sure any event data on your screens is not visible to unauthorized users and, of course, do not discuss sensitive information in public areas around strangers where it can be overheard. Seems like common sense – it is, but under stressful and fast-paced onsite event situations, we can forget to be cautious.
Ensure your team is well trained to protect event data and know the measures they can take to keep it safe from prying eyes and itchy fingers. Creating and following event data security policies is important and a wise practice for you as an event professional.
What Your Event Tech Provider Has to Do with Event Data Security
Event and meeting professionals often use outside event technology vendors to help with event registration, planning and management. Because you do, they become an important part of your event data security umbrella.
Make sure your event technology provider’s security policy and practices make protecting your event data a top priority at every step of your event process. Find out from your provider where your event data is stored and how it is stored – how often it is backed up and when it is deleted. Learn its plans and practices to protect your event data in case an event data breach does occur. Ensure that your event data is protected if it is integrated with event apps, event registration and management systems or other event-related systems. Finally, make sure you know and are happy with the people at your event tech provider who have access to your event data and how they provide authorization and share that information. How do they deal with an employee who has access to your event data but leaves?
What Do You Do When an Event Data Breach Occurs?
So it happens and you’re devastated. Who wouldn’t be? As with any crime, you need to report it to the proper authorities. And, as scary and uncomfortable as it is, it is important to be transparent and as soon as possible inform your registrants and attendees. The sooner they can take action to protect themselves by changing passwords, the less of a problem you will have on your hands.
To avoid stumbling around and panicking when an event data breach occurs, it is wise to have an existing company or organization policy in place and the right staff trained to take action when an incident occurs. Preparation can take the edge off such distressing situations and help you and your team focus and respond quickly and efficiently.
It’s impossible to make your event data completely hacker proof, but it is important to take steps to lessen the possibility of it ever happening. Consider the ways discussed here and others from your team and IT people to make sure your event data is safeguarded. Also have a plan in place for if or when an event data breach occurs. You’ll sleep better at night.
And one more thing…please share these tips with others and repost this on your social media channels and emails. We all want our event data to be safe and secure.
rsvpBOOK – An Event Tech Provider Safeguarding Your Event Data
At rsvpBOOK we realize you have your hands full with planning and managing a successful event. Worrying about the security of your event data should not be one of those issues you lose sleep over at night. That is why as your event tech provider we put safeguarding your event data at the top of our list. How? Just a few ways include:
- Using a PCI-DSS compliant collection platform
- Every transaction is sent using 256 bit SSL secured connections
- Event-specific login control to minimize unnecessary employee access to data
- All shareable event reports containing attendee event data can be password protected before sending to third parties
rsvpBOOK provides you a smart, simple online event registration and event management software to save time, save money and allow you to work more efficiently to get things done right and on time.
Our powerful software brings together all the online registration and event management, marketing, onsite check-in, evaluation and attendee feedback reports, online payment processing tools you need into a single place. We help you streamline your event processes from beginning to end. And, the versatility of rsvpBOOK event management software meets your needs no matter the event type or size, from professional training meetings and workshops to large conferences.
Try us at www.rsvpBOOK.com. We make the complex, easier.