CONNECTIONS

The latest news and insights from the metroConnections community.

Keeping Event Data Safe


June 15, 2021 // Insights

Keeping Event Data Safe
Whether an event is entirely digital, entirely in-person, or a mix of both, security must be a priority. metroConnections fully understands the critical importance of keeping data of all kinds safe. Protecting that data has to be a priority during every stage of the event planning process. Our experience working with big banking institutions, high-tech software companies, and large Fortune 500 companies has forced us to take great lengths to ensure security in our virtual and hybrid offerings. Here are some things to consider when putting together your event.

Types of Data
The two major types of data are personal and program data. Let’s explore the differences between the two.

Personal Data
This is the type of data that is provided by your attendees and participants. Much of it may be private information, including birth dates, home addresses, and credit or debit card numbers. Usually this data is collected when implementing online registration for attendees to join a conference or event.

Erin Thompson, Vice President of Attendee Services, noted that there are a variety of applications that personal data can be used for.

“In general, private data is more registration specific. It’s a little less in play with virtual programming than it is with live and hybrid events. Because when you’re trying to get into things like booking travel, you need somebody’s date of birth. We don’t ever collect Social Security numbers. But maybe there is a need for collecting a credit card payment, because somebody is paying to attend the conference.”

Thompson pointed out that this kind of highly sensitive data lives in a very secure platform.

“This type of data never gets downloaded and saved to our servers. That information never gets passed on anywhere. A lot of it is encrypted and bound. For example, if I need to make an add-on charge to an existing registration for added conference sessions, I can only see the last four digits of the credit card number. I can’t see the full credit card number, I can’t see the CVV number. I can click it and use the credit card on file to charge an add-on charge. But I couldn’t take the credit card information and do anything with it, because our online registration software’s encryption binds that information.”

Program Data
This is company information, whether it’s the company planning the event or companies that are enrolling and paying for employees to attend. Depending on the type of program, it may include privileged business information. Program data can include far more than that, however.

“If we’re putting together a live broadcast for somebody, they have to give us logos or PowerPoints or videos or commentary,” said Bill Sather, metroConnection’s Vice President, Technical Solutions. “And the biggest concern is, how do we take care of that? How do we make sure that nobody can view this information until it’s ready to be seen?”

Collection and storage is one end of the data cycle, but the other end is equally important: Making sure that those event assets are disposed of properly.

“For us, it’s about upholding really strict policies around data management,” said Sather. “Our biggest concern is ‘What do we do with the data that people have entrusted to us?’ How do we handle it, manage it, and keep it safe until it’s time to put it out into the virtual programming world, and then pull back at the appropriate time? That’s the biggest concern we run into.”

Siloed Data
Thompson also explained the rigorous protocols metroConnections uses to keep each client’s data separate from everyone else’s.

“All of the data is logically separated in our online registration system so that each client has their own sub account, so any personal information that’s in there is logically separated by events. We never do anything with that data, because that data is owned by the client, or whomever is hosting the event. We’re not going to pull an attendee list from an event and market to them. It’s not our data. All of this is spelled out in our conference and event agreements to help clients feel confident that we are treating their data safely and wisely.”

Receiving Data
Clients provide data for their events in various ways–everything from setting up a secure FTP server or their own proprietary, secure transmission service, to simply sending information via email. But once a client’s data arrives at metroConnections, that data is being stored on either an encrypted server, or an encrypted drive. The files are all logically separated, meaning Client A and Client B are never in the same file structure. There’s no risk of cross-pollination.

Another layer of security surrounding virtual programming data is how it sits on metroConnections internal servers until it’s time to broadcast. For safety, the broadcast network is physically separated from the internal network. Once the broadcast is over, the data is pulled from that broadcast network, and either stored back in the internal network or destroyed, depending on what the client requests.

Live Event Extension to the Virtual World
If you’re considering adding a live event extension to a virtual event, it’s worth the time and effort to take extra precautions for the sake of data security.

“Make sure the right people access it, and make sure that whomever you’re working with is saving your data and not going to market it,” said Sather.

“The big things are making sure that your team on site is managing your event and keeping an eye on your data. Whoever’s managing your event, they need to walk back and make sure that they deleted that data off the computers they were using, and emptied the recycle bin. Also, any other computers must be encrypted and protected, too, and always accounted for.”

Protected systems
One way to ensure data will be safe is to work with an ISO 27001-compliant company.  metroConnections uses an online registration software which has that certification. ISO 27001 is an international data safety standard an organization can earn when it adopts an Information Security Management System (ISMS). These systems are widely recognized as the gold standard in data security.

Don’t just trust anyone with your on-site or virtual company data nor your employees’ or customers’ attendee data. Learn how metroConnections can safely, securely manage any type of event for you.