RENEWAL
Meetings in the Post-Pandemic Era
Safety Essentials

A Double Dose of Meeting Security

September 20, 2022 By Mark Athitakis
In this article:
Whether meeting online, in person, or both, associations need to keep security concerns top of mind. Envisioning and preparing for worst-case scenarios in every venue and platform is now an essential part of meeting planning.

The current hybrid meeting environment means that association leaders need to think about meeting security in two ways now. A wider variety of online meeting formats and tools introduces new opportunities for attendee data to be stolen and exploited. And a fresh round of prominent stories about mass shootings in recent months has attendees and meeting planners understandably concerned about how to keep their events safe.

Len Murphy, vice president and general counsel at the Property and Liability Resource Bureau, an insurance industry trade association, has been exploring the physical security question over the past year as PLRB has returned to in-person meetings. He’s asked venues to discuss their plans for active-shooter scenarios and to detail the vetting that security firms undergo.

“You have to work with the venue and find out: How prepared are they?” he said. “Are they getting more prepared?”

Working With Venues

In Murphy’s experience, venues have been accommodating and open about discussing their preparations. For PLRB’s spring 2022 conference in San Antonio, Texas, for instance, the convention center shared its nine-page “emergency action plan,” which details guidance around dangerous scenarios—terrorist incidents, suspicious packages, active shooters, and more. (The active-shooter response reiterates the FBI’s “Run, Hide, Fight” protocol.)

But a lengthy PDF document shared on a conference app is only so helpful, especially in the middle of an unfolding crisis. Murphy recommends that presenters and volunteers be trained on safety procedures before the meeting.

“You should at least get them thinking about escape routes,” he said. “In hotels and convention centers, there are staff-only exits and entrances, and we wanted to make sure that people were aware that there’s more than one way to get out and that you’re free to use those staff access points” during an incident.

PLRB has also asked for more clarity from the security firms at its venues regarding how attendees are treated by security personnel to avoid escalating any confrontations. The association has asked venues to include language in its contracts barring security staff from “unwanted touching, restraint, or intimidation of others” and indemnifying PLRB from any such conduct. “We haven’t gotten pushback on it,” Murphy said.

“You have to work with the venue and find out: How prepared are they? Are they getting more prepared?” — Len Murphy, Property and Liability Resource Bureau

Sensible Data Security

Whether a conference is happening virtually or onsite, there are tech security issues to consider as well. According to Jonathan Roy, director of security and compliance at the IT firm DesignDATA, the rush to move to virtual meetings at the start of the COVID-19 pandemic led some associations to hire platform providers or make integrations that often left data unprotected.

“You might find a platform that is not so well known and really inexpensive compared to the big guys,” he said. “But if you dive into their policies, the reason it’s so inexpensive is because they harvest all the data of all your attendees and sell it to marketing companies.”

And even if the platform is reliable, third-party companies that offer specific integrations—like a chatroom or online retail function—can open the door to data breaches as well. “You can hire a big-name company that has a lot of security options, and then you get this free widget to add in that harvests all your data,” he said.

To get ahead of potential breaches, Roy says, associations should have their meetings and IT staffers work together to assess every conference’s data-related touchpoints, from app logins to badge scanners, to ensure that systems to protect attendee data are in place. They should also be prepared to ask tough questions of their external IT partners and be allowed to review any plans that a vendor creates.

Vendors “should be open to questions from your cybersecurity expert,” Roy said. “How often do you patch your systems? Do you have an enterprise-class firewall? They should be ecstatic to answer those questions. If they’re less than ecstatic, there’s probably a reason that should be factored into your decision-making process.”

Mark Athitakis
Mark Athitakis

Mark Athitakis, a contributing editor for Associations Now, has written on nonprofits, the arts, and leadership for a variety of publications. He is a coauthor of The Dumbest Moments in Business History and hopes you never qualify for the sequel.

More from Safety Essentials

View RENEWAL
Is Your Event Code of Conduct Up to Date?
For many organizations, 2022 marked the return to in-person meetings. But did they update their code of conduct to match the atmosphere they want at their events? Here’s advice to help you ensure your code is ready to guide attendee behavior.