Making security & privacy a top priority for your virtual events
With virtual conferences & hybrid events here to stay, it is imperative that attendee and stakeholder data is secure and protected from breaches.
There are two main components to a virtual event that require security analysis and investigation: the virtual event platform and the streaming service.
Below is a list of questions and considerations when choosing a virtual event platform and streaming service partner:
Pre-Event
1. What security certifications has your platform obtained?
When selecting a virtual event platform, confirm the type of security certification(s) a platform has obtained or are compliant with. For example, does it meet a set of data security standards by being GDPR (Europe’s privacy law) or PIPEDA (regulates privacy in Canada) or CCPA (California Consumer Privacy Act) (California’s privacy law) compliant? Is the platform PCI (Payment Card Industry) DSS compliant? Can the platform accept, process, store or transmit credit card information all within a well maintain and secure environment if your virtual event if fee based?
2. Are you using a web-based platform?
Web-based platforms are best because downloads carry the risk of installing malicious material. If a download is required, make sure to loop in your IT team to ensure the download can be pushed out over your company’s network easily and safely.
3. Is attendance secure?
Does the platform enable you to control how an attendee gets access to the virtual event? Always ensure the platform has ability to provide multi-factor authentication to confirm an attendee’s identity. And whenever possible, provide all attendees their own unique URL and access code.
4. How is your video signal being protected?
Beyond identifying which solution will deliver your multimedia content with the best viewing experience for the audience (latency, choppiness, etc.), it is important to understand how secure the transmission of information is. Protocols like RTMPS offer an additional layer of security encryption to ensure that the stream cannot be intercepted by an unwanted person/hacker. Secure Socket Layer (SSL)/ Transport Layer Security (TSL) are well known protocols that ensure data is secure over a computer network.
5. Consult the experts.
Work with partners who can help you navigate this process and educate you. Whether that’s your event agency, platform or streaming partners. Ensure to bring in your Business IT team into these conversations as early as possible to ensure organizational security standards are met. Depending on how your organizations’ servers and networks are routed, other special considerations are required.
During the event
1. Set up a multi-factor authentication process.
Require attendees to log in via a multi-factor authentication process (via pre-loaded email with unique URL or a whitelisted email & password). This will help prevent any unwanted attendees or multiple users under one account.
2. Check who attended your event.
Ensure the metrics on your platform are set up properly to be able to report on who had attended so that you can ‘block’ unwanted attendees (if detected).
3. Moderate the conversation.
During the event leverage tools like moderation for Q&A or “request to speak” features to avoid things like “Zoom bombing”.
Post Event
There is still a need to put protocols in place to manage security post event.
1. Keep your passwords post-event.
Events with sensitive information should always have recordings shared via password protected access. Internally, any attendee data should be password protected if it is being archived or should be deleted off any servers or computers.
2. Control access to content.
One can also restrict video viewing to certain IP (Intellectual Property) addresses to ensure only employees on VPN can view the recorded sessions.
In summary
Be prepared to do your due diligence and expect the same from your partners. Work with partners that take the responsibility and initiative to explain how they approach security and privacy and educate you as a client. It’s not a simple checklist and it should be managed throughout all steps of the planning and execution.
Proof Experiences can help you navigate through all the security concerns you may have and ensure your virtual events are safe and successful!
Group Director, Conference & Events
LIKE WHAT YOU SEE?
Sharing is caring
GET THE PROOF
Get in touch and let's start a conversation.
