Leading Meeting Professionals

Professional Convention Management Association

June 29 2015

4 Tips To Better Protect Your Meeting’s Data

By Mary Reynolds Kane

There’s a growing business on the black market, and its success mean your meeting’s failure. It’s the data hacking economy. All the credit cards, email addresses, passwords, mobile numbers and more private information transmitted on the network at your event represents serious profit potential for criminals.

“Hacking and stealing of data at conferences has been professionalized,” Michael Robinson, CCE, Senior Cyber Threat Analyst & Professor, Stevenson University, said at the 2015 PCMA Education Conference in Florida. “Your attendees are targets.”

From stealing data to disrupting services at events to damaging an organization’s reputation, Robinson highlighted that hackers and cyber criminals have a wide range of motivations for working to cause problems at meetings. Some of them are pulling off some serious stunts, too. At the Linux Australia Conference earlier this year, the registration server was hacked. In March, hackers crashed the live stream and the website of the Shepherds Conference, and remote attendees were unable to connect. The Syrian Electronic Army recently defaced the website of the RSA Conference, a gathering designed to address hacking issues.

So what can you do to make sure your meeting is safe? Here are four tips that can provide better protection for your meeting’s data.

1) Ask your mobile app developer for answers.

As attendees have grown increasingly inseparable from their smartphones, meeting planners have moved mobile apps into their must-have priority lists. Mobile apps can enhance the on-site experience, but Robinson highlighted that they can also be a hacker’s best friend.

“A hacker can just download the app for free and get all your attendee information,” Robinson said.

While every meeting planner wants to help attendees find good networking opportunities, Robinson reminded the audience that any attendee database must be encrypted. Otherwise, cyber criminals have easy access to names, email addresses and places of employment — three valuable pieces of information hackers can use in sophisticated phishing email attacks.

SEE ALSO: 6-Step Mobile App Check-Up

2) Update your definition of “security.”

Every meeting planner is familiar with the need for a physical security team. These are the people who are strong enough to deal with an unruly attendee, but Robinson told the audience that they also need to work with someone who knows the ins and outs of cyber security. As hackers continue to target conferences and events, meeting planners will want to work with an outside expert.

“Your security team should come in before the event and do a sweep and do another after the event is over,” Robinson said.

The sweep can uncover any unauthorized wireless access points or other evidence of criminal behavior that may indicate a potential data breach.

SEE ALSO: The Serious Cyber Security Threat That Could Hurt Hotels

3) Ramp up your registration kiosk protection.

All those iPads and desktops in the registration area? If they’re not secured, they’re a hacker’s dream. Robinson recommends disabling the USB ports of any computer connected to the meeting’s registration system, so no one can hijack the kiosk and steal the data. He also recommends disabling the Windows Help feature and staffing the area with someone who can physically monitor the area for any suspicious activity.

4) Know that it’s okay to be inconvenient.

Those unmanned charging stations to make sure attendees’ phones don’t die? They’re easy targets for hackers. That free Wi-Fi network without a password? There’s nothing stopping hackers from duplicating it without attendees knowing any difference.

“I like the convenience we’re offering at our events,” Robinson said. “I just don’t think we’re doing it well.”

In the era of connectivity, that convenience can get in the way of crucial security steps. Robinson told the audience that as hackers continue to get smarter, meeting planners must make it more challenging — even if that means a few more steps for attendees. Entering a password might seem slightly annoying, but it’s much less hassle than working to cancel stolen credit cards.

Interested in more insights from the 2015 Education Conference? Robinson's full session, "Protect Your Attendees from Cyber Theft and Attacks" is available for purchase here. You can also attend the rebroadcast of Education Conference for free here.

Please log in to post comments.