Is Your Event Data Secure?

March 8, 2015
If you are attending an event and you see Michael Robinson, cyber threat analyst and forensic investigator, walking toward you, it’s likely not going to end well for you.
 
Cyber security was the topic of Michelle Bruno’s interview with Michael Robinson on the TSNN Webinar, “Securing Your Event’s Digital Data.”
 
What does Robinson think about the safety of our event data and what do we have to worry about? “Events, just by their very setup because they are so open and they have so many people attending, they are not very secure,” Robinson said.
 
He added that data security doesn’t happen by accident. It has to be planned for when we start planning our events.
 
Up for discussion during the webinar were common risks to events such as pineapple routers, fake cell phone towers, open Wi-Fi networks, unsecured registration kiosks and how even organizers can best protect themselves.
 
Robinson went on to discuss vulnerabilities around event mobile apps. Many of our apps have sensitive information. Hackers can break into that app and steal people’s contact information and target your attendees with Phishing emails. If the app is connected to backend systems such as registration, there is a potential to steal credit card information as well.
 
Basic questions event organizers should be asking developers at the start are, is the database you are storing on the phone encrypted? Do people have to log in with a name and password or just an email address? Does the app automatically encrypt traffic being sent back and forth?
 
Another thing that Robinson does not like are social sign-ins (allowing attendees to sign in to the event app via their LinkedIn, Twitter, Instagram or Facebook credentials). 
 
“We are in a mad dash right off the cliff. We are running as fast as we can like lemmings. We do this because we want to make things easy for people,” said Robinson.
 
While social sign-in is a useful tool, it comes with it’s own set of risks. Once someone gets that one set of credentials they can get into just about any system your attendees access.
 
What should you do if you find out your data has been compromised? Let your attendees know immediately. Warn them they might be open to phishing schemes.
 
Some basic tips Robinson offers event organizers:
 
1.     Be careful about what data you are collecting and ask yourself why you are collecting it. Do you need it? What would happen if someone stole it?
 
2.     Ask your app provider and web developer how they are protecting your data. Ask what kind of encryption they are using and what standards they are adhering to. Robinson says that no one is using something so proprietary they cannot share it.
 
3.     Do not share your event Wi-Fi password where people who are not attending your event can see. Change it every day and make sure everything passing through the network is encrypted.
 
4.     Ask your venue if they monitor their space to ensure no one sets up a wireless network that is not the venue’s, that no one turns on a fake cell phone tower, or that no one turns on a cell phone or wireless jammer. If they don’t do this, make sure your security people are prepared to take this on.
 
5.     Make sure no one can access USB ports, flash drives, or event systems on your registration kiosks and laptops. Protect all entry points where people can connect to the Internet. Make sure your vendors have secured all their equipment as well.
 
6.     Don’t be shy about asking questions about security with your vendors. These questions should be asked up front, not a few weeks before the event. Have a checklist in place so you don’t forget any key areas.
 
7.     Train room monitors and kiosk monitors to keep an eye out for people who are up to no good.
 
Robinson said that the examples he uses are not hypothetical scary stories. These cyber breaches are happening now at tech conferences and spreading into other industries.
 
“Hacking has been professionalized, people are being paid to steal data,” Robinson said. For $1000 anyone can buy a small piece of equipment that impersonates a cell phone tower. That’s not a hefty investment for someone who hacks for a living.
 
The complete recording of the webinar is now available.

Add new comment

About text formats

Related Articles

The UFI Board of Directors has elected Anbu Varathan president of UFI for 2020-2021, making him the first person from India to hold this role in the history of the…
Reed Exhibitions (RX) is launching eight new trade shows this year across six cities: Chicago; Las Vegas; Orlando; New York; Portland, Oregon; and San Diego. A combination of…
During our recently held “Social Media for Trade Show Promotions” webinar, we asked attendees a polling question about whether (or not) they were using social media to…
Event industry executives and technologists will have a chance to test new event-ready tech solutions at the second-annual TechDemo, to take place during the 18th annual…
From Los Angeles to Germany, trade shows around the world saw higher attendance and larger exhibit floors than previous years last month. Take a look: DSE 2019 Digital…
A lot of people are genuinely “exhibiting.” They have a product and it’s on display. Look at it. See it’s brilliant innovation. See what our company has done to advance the…
Partner Voices
Partner Voices
HERE, EVENTS HELP YOUR COMPANY AND THE COMMUNITY
MGM Resorts is committed to fostering an inclusive and diverse culture, not just among employees and guests but also within its supply chain. The company prioritizes procuring goods and services from businesses owned by minorities, women, veterans, people with disabilities, LGBTQ individuals and those facing economic disadvantages. This commitment is integral to MGM Resorts' global procurement strategy.    Through its voluntary supplier diversity program, MGM Resorts actively identifies and connects certified diverse-owned suppliers to opportunities within its supply chain. The company is on track to spend at least 15% of its biddable procurement with diverse-owned businesses by 2025, demonstrating that supplier diversity is not only a social responsibility but also a strategic business imperative.    Supplier diversity isn’t just the right thing to do – it’s good for business. A diverse supply chain allows access to a broader range of perspectives and experience, helping to drive innovation, entrepreneurship and resilience, while strengthening communities. At MGM Resorts, engaging diverse suppliers ensures best-in-class experiences for guests and clients. Supplier diversity ensures a more resilient supply chain while supporting economic development in the communities in which it operates.   The impact of MGM Resorts' supplier diversity initiatives is significant. In 2023, these efforts supported over 3,500 jobs across more than 30 states, contributed over $214 million in income for diverse-owned businesses and generated more than $62 million in tax revenue. The story extends beyond the numbers – it reflects the tangible benefits brought to small and diverse-owned businesses, fostering economic empowerment in their communities.    MGM Resorts also supports the development and business skills of diverse-owned businesses through investment, mentorship and education. Through the MGM Resorts Supplier Diversity Mentorship Program, the company identifies, mentors and develops diverse-owned businesses to fill its future pipeline, while providing businesses with tools and resources to empower and uplift. Since 2017, the program has successfully graduated 105 diverse-owned businesses and is on track to achieve its goal of 150 graduates by 2025.     MGM Resorts’ commitment to supplier diversity not only enhances its business operations but also plays a crucial role in uplifting communities and fostering economic development. This approach reinforces the idea that diversity is a powerful driver of innovation and resilience, benefiting both the company and the wider community.   
Learn More