As an event planner, you manage a ton of sensitive data. Personally identifiable information (PII) is always a high-risk target for data breaches. PII includes any information you hold about attendees that could distinguish or trace them individually: full names, social security numbers, emails, credit card numbers, and more.
As an event planner, you’ll need to individually distinguish your attendees, if only for registration purposes. They understand and will trust you with their data, so it’s best not to take that trust lightly. They are the lifeblood of your business, so losing their trust could be fatal. Taking the necessary steps to protect their privacy should be a priority, if not because you want to protect their privacy, but, at the very least, because of what it will cost you.
The average cost of a data breach
IBM published a study which shows that the average cost per record lost is $148. How many records do you manage? This cost comes from detecting and reporting the breach, notifying and helping customers affected by the breach, and most importantly the business you lose from offended customers and downtime to recover. Basically a waking nightmare.
Don’t panic. While the risk is very much real, you’re far from hopeless. Prevention is the best way to avoid a data breach. This whole mess can be avoided, you just need to be careful with the risky areas. Make sure to establish or review your safety protocols, you will probably regard them differently now that you know the potential cost.
The most important is when you’re migrating data. Whether you’re receiving or sharing data, this is a critical point to watch. You shouldn’t just exchange emails with the information every time you need to move it. It might seem convenient, but is it worth the risk? Make sure your data communication is safe. Attendee registration and third-party sharing processes should be designed thinking about safety first.
The next risky area you need to watch over is your storage. When designing the flow of operations with access to attendee data, you should keep safety in mind. Even more so if you need to comply with the new GDPR regulations. Remember that this includes your backups. They are very important, losing the information can be just as bad as having it stolen. Many event planners forget the backup is even there, it still needs to be protected.
The same goes for third-party storages. If you share your data with ticket sellers, event app providers, or any other third-party make sure they will keep it safe. You should share your data only with people or companies you trust. Even then, ask them about their security protocols, keep in mind how costly a potential data breach would be.
Knowing which are the risky areas will help you avoid oversights, but there’s so much more you should know about data security for events. Keep tuned if you’d like to learn more about how to keep those risky areas safe. We’ll be sharing more interesting security tips in our next publication.