Wednesday, August 16, 2017

Web Based Polling Exposure Risks

A previous Quick Tally Interactive Systems blog discussed exposing event data when using wireless, or web based audience polling with devices supplied by a vendor. There are more important and less well considered vulnerabilities that are created when using the event attendee’s personal internet connected devices.

Securing event communications has been heightened by the recent flood of news about intervention in the American election process. The topic relating more specifically to events (of interest to event planners) was highlighted in a recent article by the Event Manager Blog, the post discussed the Coachella music festival website data breach earlier this year which led to hundreds of thousands of people’s personal information ending up in the wrong hands.

Information on the Internet is stored on the hard drives of servers all over the world. Apart from the World Wide Web, the Internet also carries traffic for email, peer-to-peer file sharing, virtual private networks, encrypted financial transactions, online games, Internet telephony, instant messaging and lots and lots of other things.

While the organization having the interactive meeting or event may have the best internal security on their own network, they are still vulnerable when their information is going out over the Internet by a third party at their event. Their security is only as strong as the weakest link. That weak link might easily be the internet and/or the vendor that processes the audience voting data.

When internet based systems use the attendees own internet connected devices, the information travels out, gets aggregated and sent back to the venue both for projection—and viewing the results on the attendees Smartphones. That creates two problems. The first less important one is exposing the data from the event. The second and much worse problem is capturing the email contact information for all of the participants.

That could create a list of all key employees at that meeting or division, or working on that project. It could be used for many destructive purposes; among them is the creation of false communications between accounts. Imagine how valuable a list, just a list, of all of the scientists working on the Manhattan Project would have been to a hostile government?

From personal experience while working after 911 on several nationwide meetings for a government agency, I know that many major US companies truly believed they were prepared for a cyber-attack. They were surprised to discover that they were not. They hadn’t seriously considered all of the possibilities. This scenario is unlikely; however it is worth considering in high security situations.


5 Simple Ways to Keep Your Event Data Safe by rsvpBOOK

In a recent article by the Event Manager Blog, the post discussed the Coachella music festival website data breach earlier this year which led to hundreds of thousands of people’s personal information ending up in the wrong hands. Such an event data breach is certainly an event professional’s worst nightmare. Although you can’t always prevent very determined cyber hackers from stealing personal and financial information, you can make every effort to make your event data as secure as possible.

From retailers and banks to tech companies and Hollywood movie studios, data has been exposed as crackable, hackable and exploitable. Your event data is just as vulnerable. With today’s events reaching thousands or even millions of people, event data breaches become more possible.

How can event data hackers access event attendees’ personal information? Opportunities to collect event data are everywhere at events including pre-event emails, registration systems (online and onsite), interactive technologies especially those using unsecured Wi-Fi, mobile apps, insufficient event tech provider security.

… And the list goes on. Event data brings incredible insights and measurement capabilities to event professionals. However, with the industry overflowing in information, we now also have the responsibility of protecting it.


With over 30 years of experience in helping clients achieve their meetings goals. I am passionate about the power of insight. If I can help your firm discover this power, please contact me.

Alan Warshaw
President
Quick Tally® Interactive Systems, Inc.
Direct Dial: 310.306.4930


About Me

After graduating from New York University with a degree in Communications, Alan attended the New School for Social Research, Graduate School at N.Y.U. and the Master’s Program in Cinema at U.C.L.A. Following his service in the U.S. Army, Alan was employed by Doyle, Dane and Burnbach Advertising Agency. He worked in the U.S. and Europe in the feature motion picture production business. He was employed by Quick Tally Interactive Systems for one year prior to acquiring the company. He has owned and run the company for almost three decades and has pioneered in the manufacturing of ARS equipment and providing interactive event services. In addition to US State and Federal Government Agencies, America's leading companies, associations and television networks, he has also worked for events clients in the EU, New Zealand, Hong Kong Thailand and Dubai.