Last Thursday, I had a great training session with a Belgian client. During our meeting, the topic of data security was discussed. Not a week goes by where another company isn’t making international news for an online data security breach. Today’s email is long and essential, so please bear with me!
“Eugene, why are we talking about data security?!?! I signed up for event promotion advice!”
Please consider the following: “If your event’s customer data is compromised, who gets the blame?” You and your organization are going to be in the news! Your customer won’t care what vendor you hired or whose fault it is. They will blame you!
Please understand that data security can be extremely complicated. We’re not going technical today. There are two necessary security steps you can implement in the short term. Before we get into the recommendations, there is a disclaimer. Please make sure you consult with an experienced Information Technology (IT) professional before trying to implement any ideas from this email. Also, the two steps won’t make you completely secure, just much more secure than most.
Security can be a double-edged sword! Sometimes you can make things so secure, you get locked out. Allow me to embarrass myself … there have been at least two occasions when I’ve locked myself out of important projects. And the recovery wasn’t a simple password reset via email. In one instance, it was two full days of dismantling a computer and advanced coding (for a lousy programmer = me!) to regain access. All because of too much security.
If that’s not enough, allow me to go overboard to drive home the point:
It’s a story from this week’s news: "Cryptocurrency chief executive takes password key — and $280m Bitcoin fortune — to his grave. ... after Cotten’s death on December 9, his family and colleagues realised that the strict security measures he had adopted to guard his cryptocurrency stash left them with no way to access the company’s coffers. The result? Nearly $283 million worth of cryptocurrency has gone missing forever, as the complex string of passwords required to gain access were known only to Cotten."
News Source: The West Australian / https://thewest.com.au/business/money/cryptocurrency-chief-executive-takes-password-key-and-280m-bitcoin-fortune-to-his-grave-ng-b881099377z
Now that we’re through the disclaimer and sad story … here are the two security recommendations:
Recommendation One: Software Security Updates & Patches
Two years ago, a client had their event website hacked. Their first question during a panicked telephone call was, “Eugene, is our customer data secure?” ZERO customer data was compromised!
That’s the way it should be – no customer data breach … even if your event website is hacked. From what the client’s website hosting company could deduce, there was a tiny software vulnerability on the website server. This vulnerability allowed the hackers in. A routine and recommended security patch would have avoided the whole fiasco.
Software updates & patches are recommended for any technology you use: computer, phone, tablet, wireless router, internet router, etc. Every piece of technology is a potential hacker entry point. For updates, I strongly recommend an IT professional for assistance. Especially on website updates.
Recommendation Two: Use Super Secure Passwords
Every password you use is a potential hacker entry point. The most essential piece of password advice … use very complicated passwords and never reuse the same password. Your passwords should look like this “h37c$G)@jdS&A(tRj#A” and be at least 16 characters long. Also, make sure you have a password backup plan that is easy for you! Consider my two-day password recovery debacle from above. If this sounds like a lot of work, it is.
Fortunately, there is a handy piece of paid software I can recommend. During Thursday’s call with the Belgians, I suggested a password service called “Dashlane.” Dashlane’s tagline is “never forget another password.” You only need to remember one password. Dashlane helps you with all the rest. Go to https://Dashlane.com and find out if it’s a good fit for you and your organization. Are there free password managers? Yes. I don’t recommend free when you’re responsible for your customer’s data.
Two Simple Recommendations
Over the last 20+ years, not a single client of mine has had ANY customer data compromised using the two suggestions above. (Knock on wood!) To be clear, the client website hack was an instance where the client insisted on managing their own web presence. They also didn’t take advice well. My part of the project was not compromised. That said, telling a client “I told you so!” doesn’t help. I bailed them out of a pickle because that’s the right thing to do.
Here’s a quick security BONUS. Even passwords are becoming a point of weakness. If you want to get serious about your online security, look at a company called Yubico: https://www.yubico.com/
They make specialized USB “keys” that allow for very robust 2FA (Two-Factor Authentication) and other security protocols. Hackers hate YubiKeys!
This is getting long, so we’re going to end here for today.
Note: In case you're wondering, none of the above links are affiliate links.