Your virtual events are a target-rich environment for cyberhackers, and the market for your attendee and company data is booming. No one is immune! Cybercriminals are nothing if not resourceful and sneaky, which means you need well-planned security and privacy protocols in place to hold them off and keep your company's reputation in tact. What's a humble organizer to do? Read this complete guide and make them hack-proof!
Your virtual events are a treasure trove of data, and one unfortunate breach can wipe trust in your brand off the face of the earth, not to mention cost a ridiculous amount of money . Let's get you familiar with best practices and shore up security and privacy for your virtual events!
What's the Difference Between Security and Privacy?
Good question! We see them lumped together more often than not, but they are distinct:
Security is putting technology and processes in place to protect your virtual event connection, keep your tenant secure, and access to your network out of the hands of cybercriminals and hackers.
Privacy, an aspect of security, is keeping the people you want in and the people you don't out, thereby protecting confidential information, trade secrets, discussions, attendee wellbeing, and their personal identifiable information (PII) during and after the live event.
Defend Your Data Fortress
Time to plug the holes, build your offensive and defensive strategies, and create the secure, private event experiences your attendees can trust and you can brag about.
Your Event Tech Vendor
The best event tech software and services provider should clearly prioritize data security and privacy. Conduct a thorough security assessment of potential vendors prior to engagement! Look for providers who offer:
- A secure hosting infrastructure on reputable cloud providers such as Microsoft Azure or AWS. The vendor should also perform regular updates and patch management to address vulnerabilities should they arise.
- Up-to-date compliance with cybersecurity laws and regulations, such as GDPR and CCPA .
- A thorough understanding of the responsibilities of both PII Processors and PII Controllers.
- Robust, end-to-end data encryption, both in transit and at rest.
- Secure, cloud-based data storage and customer control over the length of data retention.
- Certifications in data and privacy security protocols, such as ISO 27001 (Information Security Management Systems) and ISO 27701 (Privacy Information Management Systems).
Your Event Software
Ideally, privacy and security should be foundational to the event software you use. Things to look for include:
- Secure, seamless integration with your current tech.
- Masked event URLs.
- Unique attendee join links to reduce unregistered gate crashers.
- Easily implemented security options to fit your event needs, such as multifactor authentication, domain-level allowlist/denylist, manual registration approvals, and validation questions. Multifactor authentication methods not only prevent unauthorized access by humans, they also act as bot-busters.
- Other "nice to have" options include a waitlist, registration deadlines, and content expiration.
- Tools to create an event registration process that allows for a variety of custom questions and privacy language acknowledgment. The ability to create event templates to streamline the event build process and ensure consistent branding and privacy disclosures/language across your events is a huge plus.
Best Practices For You and Your Events
- Keep your Privacy Notice and other disclosures up-to-date and easily found on all registrant/attendee correspondence. The footer is a good place for this.
- Lose the confusing legalese - make your policies accessible to the average person by breaking it down into easily understood language. The benefits of this are two-fold: they help educate your attendees and build your brand's positive reputation.
- Set up role-based access controls to assign appropriate permissions for Organizers, Moderators, and Presenters. A "need to know" policy is a good start - how much information do each of these entities need to perform their role effectively?
- Include a question on your registration requiring attendees to acknowledge they've been informed of their rights, including a link to a Consumer Privacy Request.
- Create consistent registration processes, and collect only the attendee information you need to deliver your event. For example, if your content centers around front-end web design, asking registrants what color their eyes are is unnecessary.
- Create curated and targeted attendee lists for your event marketing.
- Create an Attendee Code of Conduct - trolls make virtual events a miserable experience for everyone, made even worse if sensitive information and/or inappropriate content is shared. Remember - moderation is not a First Amendment violation; you can reserve the right to delete, mute, or boot!
- At the start of your event, educate your attendees about privacy and security, such as recommending they have the latest security updates on their devices, no sharing screens or screenshots on social media, in particular with other attendee's PII visible, not giving out their email addresses to other attendees, and to double check the sender on email correspondence to help them avoid phishing attacks.
- Develop a clear procedure for how to respond in case of a breach, including timely notifications if necessary and how you are addressing the issue - the timing can make or break your reputation, so the sooner the better!
How Professional Event Management Can Help
Since this is our specialty, we would be remiss if we didn't include an overview of what to look for when you decide to outsource your virtual event management. A (good) virtual event management partner works with you to assess your security wants and needs, providing guidance, implementation, and support throughout the event lifecycle. They build your events and event programs to your specifications and provide experienced, "on-demand" staff for live event moderation, relieving you and your presenters from being interrupted by support requests or trolls. Other perks of teaming up with event managers include:
- Comprehensive event, program, and technology management
- Technical setup and production
- Scheduling and registration management
- Presenter training and coordination
- Technical walk-throughs and dress rehearsal coordination and support
- Live event moderation and support
- Secure event recording cloud storage
- Post-event reporting and analytics
Outsourcing virtual event management offers you the freedom to focus on the most important aspect of your events: content!
We've Got Your Back!
Here's the TL;DR for this post: EventBuilder has everything you need to add enterprise-grade privacy and security to your events, the experience to support, scale, and help grow your virtual events and webinar programs, and offer the comprehensive event solutions you need to get you where you want to be. Schedule a free consultation today!