Since the start of the COVID-19 pandemic, virtual events have become very popular. They are one of the most effective (and only) ways for conferences, concerts, meetings, and other events to occur safely while transmission remains a risk. Unfortunately, however, it seems cyber criminals have also picked up on the popularity of virtual events and have begun exploiting them as a method to breach the security of event participants.
Many Zoom users, for example, have experienced “Zoom bombing” in recent months, where random, unwarranted meeting attendees hijack calls to mess with or disrupt its participants.
As an event planner, it is vital to pay close attention to these types of security issues and follow the kind of safety tips that keep your virtual events safe and secure for attendees.
Related eBook: The event planner’s guide to data security
Here are four tips to keep your virtual events cyber safe:
1) Control Who Can Access the Event
One of the first rules of thumb for virtual events is knowing exactly who is participating. Just like you would for an in-person event, it’s important to understand how many people will be attending, who those people are, and also prevent the attendance of unwanted or out-of-place attendees.
In order to do this effectively, there are a few proactive measures you can take that will coincide with planning the event and sharing the details to attendees. One of these is ensuring you manage registrations for the event. Whether you opt to use a dedicated registration system or one that’s integrated with your virtual platform, making pre-registration necessary will help to control who is able to attend the event and will limit risk of hijacked events.
With that said, be sure to only share the online event link once an attendee is registered. Do not create public events and share the web link across social media channels, advertisements, or other publicity channels, as this can often encourage unsolicited and malicious participation. Some platforms allow you to use a password or other authentication requirement for attendees to access the event. However, avoid using a Personal Meeting ID (PMI) for events open to those outside the organisation. A PMI is basically one continuous meeting, so once an attendee has access to your PMI, they can enter any of your future meetings. Be sure to instead use a random meeting ID.
Once your event has begun, lock the event at a specific and clearly-stated time to restrict unwarranted access—just be sure to communicate this time to your registered attendees well in advance!
On-Demand Webinar: How to choose a virtual event platform
2) Communicate Cyber Safety Best Practices to Attendees
Studies have found that approximately 90% of data breaches occur due to human error, so it’s also important to communicate cyber safety best practices with your attendees too.
Many of these precautions are quite simple to act upon – but are often forgotten by those who aren’t made aware of them. You may find it helpful to send out a reminder email including these safety measures to your participants ahead of the event time.
One important precaution to include is to use a private Wi-Fi network, rather than a public one. Public Wi-Fi networks, which are often sources of free Wi-Fi at shopping malls, hotels or restaurants, often make it easy for hackers to position themselves between you and the access point. Though many people don’t realise the dangers of connecting to public Wi-Fi networks, it’s important to know that anything you do on a public network isn’t secure.
It’s also important to encourage participants to download and be up-to-date on antivirus software and/or firewalls. Antivirus software is a program or set of programs that are designed to prevent, search for, detect, and remove software viruses and other malicious software, whereas a firewall can help protect your network by filtering traffic and blocking outsiders from gaining unauthorised access to the private data on your computer. These tools can be incredibly useful in detecting and preventing cyber threats.
Finally, discourage participants from accepting any unsolicited chat requests from people with suspicious profiles during the event, especially if they ask for any sort of personal or company-related data or information. Should these types of instances occur, have participants immediately report the occurrence to the event leader or meeting host.
3) Strengthen Network Security Ahead of Time
Network security is another issue when running virtual events. As CSO Online defines it, “Network security is the practice of preventing and protecting against unauthorised intrusion into corporate networks… it complements endpoint security, which focuses on individual devices; network security instead focuses on how those devices interact, and on the connective tissue between them.”
To put it simply, network security focuses on the protection, detection, and reaction as it relates to company security. This includes protecting and securing external network access, which can help secure devices, regardless of location. This is especially important for virtual events, which likely have participants logging in from all over the country or even the globe.
Network security methods include access control (where the administrator can block unauthorised users and devices from accessing your network), mobile device and wireless security, as well as data loss prevention.
Make sure that the organisation hosting the event has secure network options in place, which will help to ensure event security on all fronts.
4) Deter and Manage Any Disruptive Activity
Although the tips we’ve mentioned so far should help to prevent key safety concerns throughout the course of your virtual event, it is important that cyber security is continuously monitored throughout the course of the event to ensure safety has not been compromised.
Your meeting host or a designated participant should monitor the active list of attendees to monitor for any unwarranted or unknown attendees that aren’t reflected on your event’s registration list.
Depending on your event, consider disabling features that allow attendees to present their desktops or interject without being called upon. This can greatly reduce the ability of an inadvertent or malicious disruption.
Finally – if at all possible – try to limit event participation. Large events can more easily attract malicious participants intent on sabotaging your event and can also be more difficult to monitor for suspicious activity.
Although such incidents are rare, these are some of the risks that event creators should consider before their events – especially as virtual events (or events with some virtual element) are going to be around for some time. Use the tips above to ensure your events’ safety and keep you, your participants, and the organisations involved safe from cyber threats.
Enjoyed reading this post? We have plenty of COVID-19 related resources on our blog which event planners may find useful right now. You can also sign up to our weekly newsletter for tips, updates and research reports on all the latest event trends.