Data security is becoming an increasingly important issue in the event industry (and elsewhere), so today we are sharing a few simple measures you can take to keep your data (and that of all your clients and event attendees) secure.
If you’re not sure why it is important to do this, we encourage you to first read our article: Event registration & data security – are you doing enough?
What you can do:
- Educate your team about data security. Let them know what your expectations are to keep data secure and why it is important. Which leads on to the next point…
- Establish a security protocol. Have a system in place for what steps must be taken to keep data secure, and also what to do in case of a security breach. Keep the process as simple as possible, and make sure everyone understands it and is able to follow it – and that they do!
- Only share data with staff on a need-to-know basis. The fewer people in your team who have access to any information, the more secure it is.
- Regularly change or re-set passwords. Yes it’s schlepp, but it is also a simple and effective way to safeguard against the possibility that someone could get hold of your passwords at some point in time.
- Set up two-step authentication for logins, which makes them a lot more secure.
- Set your devices, like laptops, PCs, ipads and cellphones, to lock quickly. In the event that a laptop is stolen onsite, for example, you will have a better chance that the thief will be locked out and unable to access any of the information stored on it.
- Back up your data securely and often, in case it is compromised.
- Make sure you and your team always work on a secure network, both in office and onsite.
- Install appropriate software on all of your computers, such as firewalls and anti-virus software.
- Check that your website URL starts with “https”. The ‘s’ indicates that your website has an SSL certificate, which means that there is a secure connection between your web server and browser.
- Ensure your suppliers are also handling any data you share with them in a responsible manner. Ask to see their privacy policy and check that they have their own security protocol in place.
- Brush up on your knowledge of the law, especially the Protection of Personal Information (POPI) Act. And if you host any of your data in Europe, for example on servers there, you also need to be aware of and compliant with the General Data Protection Regulation (GDRP), a new law which will come into effect on 25 May 2018. (Also, don’t assume you don’t have any information saved in Europe – many online event tools as well as website hosting is done across borders, so double check to make sure.)
