Mar 06, 2017 by Alex Carter

The Online Password Security Checklist for Event Professionals

It’s no secret that event planners, agencies, and other event profs use a wide variety of online accounts and tools, often filled with sensitive data. Are you taking the right steps to protect your important accounts?

Using a roster of digital tools and online services is a growing necessity in the industry.

But with every new tool comes another account, password, user privileges for your team, and security headaches. The recent Cloudflare security breach affecting up to 6 million websites, and the discovery of 950,000 Coachella users’ info being sold online, underscore the point: data security threats are very real, even if you’re not the direct target.

And in this industry, it’s not just our own data that we’re protecting – we’re making past, present, and future guests feel safe and trust us with their information (data that so often helps plan better events).

So is that all reason enough to swear off the digital lifestyle and dump your valuable event tech toolkit? No way.

In addition to it simply not being feasible to fully stick to analog tools, the truth of the matter is that many people, even professionals who use digital tools and services daily, don’t always take basic precautions to safeguard their online accounts.

We put together a simple password and account security checklist to help keep your bases covered and focus on the exciting parts of your job.

1. Make a data map and identify important accounts

What to do: First things first, you need to know where your data is. Sketch out a rough map (Lucidcharts is a great free tool for this) of your accounts, and what data is stored where, both for your team and your guests or clients. Draw a line between any accounts that are connected (like Gmail and Google Drive).

What to look for: See where your most sensitive data is stored, and which accounts give access to the most important info (like guest personal information or key business emails). You should be able to quickly see which accounts are the most important to protect.

2. Use a password manager

What to do: Choose a reputable service, like Dashlane or 1Password, to use for work-related password management.

Why: Password managers have come a long way since the early days. Now they’re an easy way to manage an ever-expanding list of passwords and accounts, share account access with other team members without sharing actual passwords, notify you of vulnerable passwords, and more.

3. Use strong and unique passwords

What to do: Avoid the temptation to recycle passwords! If you’re among the majority that does it anyway, refer to your data map from step 1, and make sure that at least your most important accounts are all unique, and not easily guessable. A password manager, like the ones mentioned above, can generate strong randomized passwords, or you can use a method for creating your own memorable and secure passwords.

Why: Like a row of dominos, if one weak or reused password is knocked down, it can knock down a succession of other security measures. Don’t be that domino.

4. Use two-factor authentication

What it is: In a nutshell, two-factor authentication (sometimes called 2FA) just means adding a second layer of security to your account. Think adding a phone number/confirmation email/secret question, or whatever method each service allows.

Why: Adding additional layers dissuades intruders from guessing their way into your account. Some types of 2FA, such as getting a text message to your phone with a random login PIN, are also much harder for someone without direct access to you to crack.

5. Schedule a regular housecleaning session

What to do: Set a date and time on your calendar to sit down, pop on some headphones and a good playlist, and do a quick scrub on your accounts. Make sure ex-team members and consultants are removed, passwords are strong, and things are neat and tidy the way you want them. You can schedule it once every two weeks, every month, or every quarter, depending on how many accounts you manage, and how frequently access to them is updated for new people. The important thing is to do it regularly, just like any good cleaning.

Why: Teams change, consultants come and go, but it’s all too easy to forget to update your accounts to match that. Setting aside a regular time to make sure things are in order helps cut down on ad hoc time and headaches, and helps you stick to good habits.

And with that, you’re way ahead of the game!