80% of event planners put data security as top priority for 2016 – only 40% confident of policies
Addressing security concerns around event and delegate data was the key finding in a survey done by Eventsforce – the global experts in event management software. The study, which was conducted across 50 organisations in the UK and the US, revealed that 80% of event planners marked data security as a top priority for 2016 yet only 40% felt they had the adequate security policies in place across their organisations.
“There have been a number of high-profile data breaches over the last year and though there have been no major incidents involving the events industry, it is something we need to prepare ourselves for. Events deal with highly sensitive customer information, including names, emails, telephone numbers, employment information, disabilities and so on. Ensuring this data is kept safe is critical – not just for delegates, but for those organisations storing this information,” said Steve Baxter, CTO of Eventsforce. “The survey exposes some key areas – like password hygiene, delegate payments and regulatory compliance – where event planners need to put greater attention to in order to prevent data from getting into the wrong hands.”
As part of its findings, the survey revealed that 81% of event planners do not change their passwords to their event management systems as often as they should (less than once a year) and a further 33% claim to have shared their passwords with other people. This increases the risk of a breach and makes it difficult to accurately identify who has access to the system at any given point in time.
Another area that the Eventsforce survey investigated was security issues around delegate payments and PCI DSS compliance. The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment. Nearly half of those surveyed didn’t know if they were PCI DSS compliant, with 84% not being able to identify compliance requirements and a further 73% unaware of the fines for non-compliance (ranging anywhere from $5,000 to $100,0001).
Email communications was highlighted as another area of vulnerability. The survey found that 65% of respondents emailed their event data to third parties or other departments within their organisation after downloading the information from their event management systems. A further 36% admitted to emailing their API key – a form of authentication that allows third party systems like event apps access to data saved in event management systems. Sharing this key via email makes data more vulnerable as it is left exposed to anyone who has access to this key.
In addition, the survey highlighted how EU Data Protection regulations require extra security measures when dealing with ‘sensitive’ delegate data. Personal information can include things like names, addresses and phone numbers. However, sensitive personal data is any information relating to the delegate’s racial origin, political opinion, religious beliefs or mental and physical well-being. The survey found that nearly 40% of respondents didn’t think race and religion were considered as sensitive and only 26% thought dietary requirements (which may indicate religious inclinations) as sensitive.
For a more comprehensive look at these insights and some of the other findings from the survey, please download the infographic below:
Eventsforce provides event management software that helps results-driven professionals deliver thousands of successful events each year. With offices in London (UK) and Denver, Colorado(US), our customers span 14 different countries and represent some of the leading names in finance, education, government, associations, PCOs and publishing. Our unique partnership approach and our highly customizable, modular software provides a complete end-to-end management solution that addresses every aspect of the event lifecycle: from event planning, marketing and registration, to abstracts and awards management, as well as post-event analysis and reporting.
For more information, please visit www.eventsforce.com
Tel: +44 (0)20 77856997