Keeping your member data safe builds member loyalty and reduces risk for your association.
Here are three ways that the right association management software can help protect your member data.
October is Cybersecurity Awareness Month – the perfect time to consider what your association is doing to protect your member data.
Keeping your association’s data safe reduces risk for your organization. It also helps to build the trust that members have in your organization – which translates into greater member loyalty.
You’ve probably read about common best practices for cybersecurity, such as using stronger passwords and being careful about clicking on links in emails. But there’s another aspect of data security to consider: Using an association management software (AMS) system that promotes and supports strong security practices.
Let’s look at three ways that the right AMS system can help you keep your member data safe:
1. Consolidate your member data.
Having an AMS system to collect and manage your member data makes it easier to keep your data secure. But it’s important to keep in mind that not all AMS systems are created equal.
For example, NetForum Cloud AMS by Community Brands incorporates more than 30 modules in a single system. Modules include functionality for membership management, chapter management, committee management, credentialing, and fundraising to meet your entire organization’s needs. Because the member data for these functional areas of your organization is managed in one system, you have fewer systems to worry about when it comes to securing access to your data.
2. Choose an AMS system with strong security features and approaches.
There are multiple ways that your AMS can help you secure your member data. For example, here are some of the key security features of NetForum:
- Secure platform – NetForum is built on the Microsoft Azure platform, giving your organization the modern security benefits of the Azure environment through NetForum, including:
- Cloud-native network security and monitoring protects the data and performance of your applications and network.
- Built-in cloud governance capabilities help ensure your organization meets global data regulation requirements, including General Data Protection Regulation (GDPR).
- Cost-effective backup and disaster recovery minimizes disruptions to your organization.
- Multi-factor authentication – To log into NetForum, users must pass through two levels of authentication. Once users enter a valid network login and password, NetForum checks to confirm that the user is in the NetForum database. Once they have been authenticated, the system checks to see what security group the user is a member of, and then defines that user’s permissions accordingly.
- Risk mitigation – The NetForum team stays updated on the latest security threats and tools, and takes proactive steps to mitigate risk. For example, reCAPTCHA is a free and commonly used tool that’s easy to install and adds another layer of protection to your website and member data, helping to tell the difference between people and bots. However, hackers have recently found a way around reCAPTCHA, so the NetForum team is actively working on multiple ways to mitigate the new risk.
3. Selecting an AMS vendor that works with you on security.
While it’s important to have software in place that supports strong security, it’s also important to make sure your association is following the cyber security best practices that your software supports. Your AMS vendor should work with you to help you understand the software’s security functionality and what practices you should be following at your organization.
For example, the NetForum team provides customers with a list of recommended practices to prevent unauthorized access to your system and help protect member data. This includes things like:
- Using stronger passwords throughout the organization
- Implementing multi-factor authentication (MFA) to improve security
- Training for new employees on security best practices
- Removing credentials when employees leave the organization
Bonus: Partner with a best-in-class services provider to better protect your data. For example, NetForum Cloud is a certified Microsoft Partner so our customers benefit from their $1 billion annual investment in security.
Here are some key points related to Microsoft Azure Security Protocol and some of the security benefits:
Azure Infrastructure Security and Cybersecurity Framework: Geographically dispersed datacentres comply with key industry standards, such as ISO/IEC 27001:2013 and NIST SP 800-53, for security and reliability. You can find more information related to What Microsoft does to Secure Azure Infrastructure.
Microsoft has developed a NIST Cybersecurity Framework (CSF) Customer Responsible Matrix that lists all control requirements that depend on customer implementation, shared responsibility controls, and control implementation details for controls owned by Microsoft. Learn more about the CSF here.
Azure Security Benchmark (ASB) focuses on cloud-centric control areas. These controls are consistent with well-known security benchmarks, such as those described by the Centre for Internet Security (CIS) Controls, National Institute of Standards and Technology (NIST), and Payment Card Industry Data Security Standard (PCI-DSS)
Security Benefits using Azure App Service:
- Azure App Services follow the Azure Security Benchmark to provides Infrastructure and platform security where the application is run securely on the cloud.
- Identity and Access Management: App service provides layered security like multi-factor authentication to access the application.
- Security and Compliance: Azure App Service helps to deliver enterprise-level SLA by providing PCI security standards, SOC2 accounting standards, and ISO information security standards to use.
- Restricted Access & Network isolation: The web application can be configured to be publicly accessible or from IP masks. Also Web Application firewall and Internal Load Balancer in Azure Virtual Network provide isolation of app from internet
- Built-in HTTPS support: All App Service apps comes with a free SSL/TLS certificate so that we can have in-transit Encryption (and a trust level certified by a third-party authority) without having to buy anything.
- Application Secrets: App Service app can be integrated with Azure Key Vault for advanced secrets management.
And here’s one more “bonus” tip: As you put cybersecurity measures in place, let your members know about it. Tell your members about the data protection steps you’re taking, and they’ll be more likely to trust you with their data. That trust will lead to a better member experience and, ultimately, greater member loyalty.
In the end, investing in cybersecurity is a win for everyone. Cybersecurity Awareness Month is here for a reason, more so than National Waffle Day. Take notice and take care.
Let our team share more best practices for keeping your member data safe. Contact us today for a demo.