Only 3% of cyber crimes are due to technical flaws and weak security. Then what are the causes for the other 97% of cyber crimes? According to Medium, employee errors are responsible for the majority of security and privacy breaches. All it takes is one unknowing employee to click on a malicious link, or to leave an unlocked laptop unattended, for an organisation’s personal data records to be leaked. In the events industry, while we collect a lot of personal data, we have also spotted many experienced companies with negligent practices throughout the course of our business.
Here are the top mistakes made by event management companies
#1 ‘Find your own names’
It can be really chaotic during event registrations, especially when there are so many people streaming in all at once. Searching for names from a huge pile of name badges is like searching for a needle in a haystack and you may be tempted to take what seems to be the easiest way out: Pre-printing name badges with personal information on it and displaying it on the table for all to see. Although having more pairs of eyes searching may help you save time, you may receive complaints regarding potential personal data breach as you are revealing your guests’ data for everyone else to see.
What can I do then? Either hide these name badges behind the counter where only your event staff can see, or use a smart QR check-in and onsite badge printing service where you can print name badges instantly in under 2 seconds after the guest registers with a QR code.
#2 Not disabling ‘ Auto-Fill ‘ function
This is a common mistake when you need your guests to key in their personal data on digital devices on the spot, for walk-in registrations or lucky draws. When your device’s auto-fill is enabled, just keying in an alphabet or a number could reveal a whole list of related personal data of previous registrants. Don’t put yourself at risk of personal data breach, remember to disable ‘Auto-Fill’.
#3 Using sign-in books
Even if you don’t use digital devices to register your guests, you still have a high chance committing a privacy breach if you use sign-in books. Imagine if you are holding a recruitment event and you have your potential candidates register in the sign-in book. A potential candidate could glance through the names who could be vying for the same role and could find ways to undermine the other candidates when speaking to the potential hiring managers.
You could either have your event crew register your guests themselves after verifying their identity by requesting for their business cards or last 3 digits of NRIC number.
#4 Forgetting to log out
At EventNook, many event organisers rent our iPads for registrations and use our event management software to track their ticket sales and attendees. However, after the event, we noticed that many would forget to log out of our application on the iPads. This could be a problem if we passed on the iPads to the next event manager, as they could access the previous records and sensitive data.
Hence as part of our best practice, the EventNook team will always ensure that these personal data would not be accidentally passed on to others as we will always do a check to ensure all accounts are logged-out, before handing the device over.
#5 Event part-timers’/volunteers’ error
No matter how careful you are with personal data, you must ensure that your event helpers are as cautious as you are. Many event managers are aware of such privacy risks, yet they forget to thoroughly brief the rest of the team about the do’s and don’ts when handling personal data.