How event planners can keep their data secure
Event planners typically hold lots of information on their websites, including all the details of delegates that have registered. All the people that have ever registered for an event would expect all their details to be kept secure by the event planner as these details could include credit card and bank account information, date of birth, address information and contact phone numbers – which is all the information a hacker will need to completely clear out a delegates bank account or buy expensive equipment using the delegates credit card information.
Event planners should not overlook the importance of keeping all this sensitive information safe and secure and can do this by implementing a number of measures which are described below.
Encryption ensures that all data is recoded into a series of characters that are totally unreadable. When visiting a site that uses encryption, the normal “http://” that would be seen in the top bar of the Internet site would be “https://” to indicate that encryption is being used with the “s” standing for “secure”. The encryption is based on using an encryption key that is used when input data is sent to the event planner’s server. In this case, only the event planner will know the key being used on the website and for any event apps that are available to delegates.
Secure Socket Layer (SSL)
When an event planner’s website is designed, SSL protocol must be included as this will ensure that the data being input into the browser is sent encrypted to the server. It is possible to tell if SSL is in use by the padlock symbol () that would appear on the left-hand side of the browser bar. This will be found when using Google Chrome, Microsoft Explorer and Microsoft Edge browsers, plus others. If the closed padlock is not shown when accessing a website, it is unsafe to enter secure data.
The WiFi available at events should require a password to ensure that encryption is used. Open WiFi networks, not requiring a password, are problematic as anyone can see what is being entered, so great care should be taken when using them so that personal details are not entered.
According to Patrick Ambron, writing for Forbes in his article, Nine Important Tips to Protect Your Online Privacy and Security, “Anytime you stay in a hotel, connect to public WiFi or take a flight, you are sharing your email address and other personal information. The companies, apps and websites you use are gathering this info to serve you “better” advertisements. It’s dangerous when it gets into the wrong hands.” Event planners will need temporary internet service for events so it is best that the WiFi services at the events are protected by a password that is a mix of different characters.
If email is hacked then hackers could have instant access to all contacts and accounts, and the hackers can then change all the passwords and do whatever they like on all the accounts. To overcome this issue, it is recommended that passwords are changed every few months, and do not use easily guessable passwords, but use a mixture of upper case, lower case, numbers and special characters wherever possible, or use a password manager to generate the password. It is also important not to leave logon information on a website for whatever reason, otherwise a hacker can use the information. According to Zack Whittaker, writing for TechCrunch in his article, ”An Exposed Password Let a Hacker Access Internal Comodo Files”, “A hacker gained access to internal files and documents owned by security company and former SSL certificate issuer Comodo by using an email address and password mistakenly exposed on the Internet.”
A password manager has many advantages. It creates passwords that are extremely hard to guess; it can fill in secure data, such as addresses and phone numbers for sites that have been visited previously and it also allows passwords to be shared by others. The passwords are stored in a secure place off-line; and passwords can be easily changed with a simple click.
Another secure addition to logging on to a site is 2-factor authentication. This is where after putting in a username and password, a further level of security is required. Things like sending a code to a cell phone, or entering extra information like a few characters from a PIN or entering the user’s mother’s maiden name. This is a must for logging onto event websites.
Event planners need to keep their websites and servers secure by using a range of security measures, including encryption, SSL, WiFi security, and 2-factor authentication for passwords. Event planners need to be aware of the latest technologies and threats and make the necessary changes to protect their businesses.