Insights
INSIGHTS
All Topics
How to keep your virtual events secure
10 Nov 2020by Paul Rubens
Use these simple tips to ensure your attendees’ personal information is secure and keep unwanted visitors out of your virtual events
You’re ten minutes into the opening talk at your charity’s virtual event, when someone you don’t know starts shouting about some political cause or screaming obscenities. Then all your attendees start to receive abusive emails from the same individual.
It’s a nightmare scenario, and one that demonstrates very clearly the need for virtual event security to prevent the nightmare from actually happening.
There’s another side to virtual event security too. In order to run a virtual event, your charity will need to collect personal information about delegates who want to attend. That information has to be kept secure. If that information is stolen by a hacker, it could harm the reputation of your charity - as well as proving very costly.
So, what steps should you take to keep your charity virtual events secure?
Security for small-scale virtual events
If the event is very small, with only a handful of attendees, then you might well decide to use a video conferencing application such as Zoom. You can email attendees the meeting ID and passcode and run the virtual event like a standard conference call.
To avoid the risk of unwelcome attendees joining your call and causing disruption (sometimes known as Zoombombing), you should take the following precautions:
- Ensure attendees understand that they should not share the invitation you send them, or the link to the conference call, with other people
- Activate the "waiting room" function so that you can manually allow attendees to enter the virtual event once they sign in to join the event. This allows you to screen potential attendees. If their name doesn’t match up with who you are expecting, you can request they turn on their camera before admitting them to the meeting proper
- Ensure the Zoom option "Allow Removed Participants to Rejoin" is disabled so that if you have to eject someone, they cannot re-join later
- Lock the doors to your virtual event five minutes or so after it starts. This minimises the window of opportunity for zoombombers to gain entry to your virtual event, but it is important to warn attendees beforehand that they will not be able to join the virtual event if they are late
- Restrict screensharing so that only those authorised by the admin can do so. Some Zoombombers have been known to share distressing or otherwise harmful material
Related Articles
Security for larger virtual events
If you are running a larger scale virtual event, then you will almost certainly want to use a virtual event platform to help you run it efficiently and securely. These software platforms allow you to split the event into multiple streams, offer live and "on-demand" sessions, record live sessions for later viewing, operate break-out rooms, and make it easy for delegates to network with each other.
But perhaps the most important feature from a security standpoint is that most allow attendees to register online before the event. Before registration opens you may choose to load the system with the email addresses of everyone who has been invited to attend, to prevent unwanted registrations from unknown people. Alternatively, you may allow registration to be open to all.
When delegates register, they choose their own password, and at the end of the process they are sent a personal link to the event. Each link should be individual, so only the person with that link, and who knows their own password, can join the event. This helps prevent anyone who gains access to the link from joining unless they also know the password.
Popular event management software includes:
Other security measures that should be in place include:
- Making it clear to delegates when they register not to share their event link
- Requiring the selection of a strong password when delegates sign up, to ensure that their account is well protected.
- Limit the screen sharing capabilities of attendees to speakers and moderators only. This measure is designed to prevent the possibility of anyone sharing undesirable content or images deliberately, and also prevents attendees from sharing their desktops accidentally and revealing private information
- Ensure that at least one member of your charity staff is monitoring your virtual event at all times so that they can act quickly to eject any Zoombombers or take other appropriate actions as necessary.
If your charity uses virtual event software then it is likely to store personal information such as names and email addresses, so it is essential that the software is used securely – not least to ensure you comply with the General Data Protection Regulation (GDPR).
In practice that means that you (or any other charity staff member who is helping to manage the virtual event) should:
- Connect to the event management software running in your offices from home using a remote access VPN
- Use two factor authentication (2FA) when logging on to the system to help prevent unauthorised access
- Ensure that the event management software and any systems that it runs on are up-to-date and running the latest security patches to minimise the risk of a hacker exploiting any known vulnerabilities in the software.
- Ensure that your computer is running endpoint security software from a reputable company such as Avast or Bitdefender to minimise the risk of hackers installing ransomware, a keylogger, or other malware which could be used to compromise the event management system.
Our Events
Charity Digital Academy
Our courses aim, in just three hours, to enhance soft skills and hard skills, boost your knowledge of finance and artificial intelligence, and supercharge your digital capabilities. Check out some of the incredible options by clicking here.
© 2022 Charity Digital Trust. All rights reserved
