Are you doing enough to protect your member data?
Here are three ways your association can keep your member data safer.
Protecting your association’s data is in everyone’s best interest. It reduces risk for your association. It also improves the trust members place in your organization – ultimately resulting in greater member loyalty.
Using membership management software that supports strong security practices is fundamental to protecting your member data. Within this aspect of cyber security, here are three things you should be doing now to help keep your member data safe:
1. Centralize your member data.
Having a single system to collect and manage your member data makes it easier to keep data secure. But keep in mind that not all AMS systems are created equal.
For example, Aptify by Community Brands includes not only membership management functionality, a full set of applications – 21 in total – to meet your entire organization’s needs, and a mobile app. From customer relationship and meeting management to accounting and inventory, your member data is managed in one system and on-the-go. That means you have fewer places to worry about when it comes to securing access to your data.
2. Choose association management software (AMS) with a strong security foundation.
The platform that your AMS system is built on goes a long way toward helping you keep your member data safe. For example, in the latest release of Aptify, many new capabilities are Microsoft Azure-native, giving your organization the modern security benefits of the Azure environment through Aptify, including
- Built-in cloud governance capabilities help ensure your organization meets global data regulation requirements, including General Data Protection Regulation (GDPR).
- Cloud-native network security and monitoring protects the data and performance of your applications and network.
- Cost-effective backup and disaster recovery minimizes any disruptions to your organization.
TIP: If your association has employees, members, prospects, or customers residing in the European Union (regardless of their citizenship), you’re required to meet GDPR standards. Aptify and Community Brands have taken steps to fully comply with these regulations. You can learn more about GDPR in the guide, Understanding the General Data Protection Regulation.
3. Work with your AMS vendor.
Data security is a shared responsibility. It’s important to have software in place that supports strong security. It’s also important to make sure your association is following the cyber security best practices that your software supports.
Your AMS vendor should work with you to help you understand what security functionality the software provides and what practices you should be following on your end.
For example, the Aptify team provides customers with a list of suggested practices to prevent unauthorized access to your system and help protect member data. This includes things like:
- Using stronger passwords throughout the organization
- Implementing multi-factor authentication to improve security
- Having processes in place for training new employees on security best practices and removing login credentials when employees leave the organization
Bonus: Select an AMS who works with a trusted partner like Microsoft Azure. Aptify customers on Azure benefit from these additional security investments:
Azure Infrastructure Security and Cybersecurity Framework: Geographically dispersed datacentres comply with key industry standards, such as ISO/IEC 27001:2013 and NIST SP 800-53, for security and reliability. You can find more information related to What Microsoft does to Secure Azure Infrastructure.
Microsoft has developed a NIST Cybersecurity Framework (CSF) Customer Responsible Matrix that lists all control requirements that depend on customer implementation, shared responsibility controls, and control implementation details for controls owned by Microsoft. Learn more about the CSF here.
Azure Security Benchmark (ASB) focuses on cloud-centric control areas. These controls are consistent with well-known security benchmarks, such as those described by the Centre for Internet Security (CIS) Controls, National Institute of Standards and Technology (NIST), and Payment Card Industry Data Security Standard (PCI-DSS)
Security Benefits using Azure App Service:
- Azure App Services follow the Azure Security Benchmark to provides Infrastructure and platform security where the application is run securely on the cloud.
- Identity and Access Management: App service provides layered security like multi-factor authentication to access the application.
- Security and Compliance: Azure App Service helps to deliver enterprise-level SLA by providing PCI security standards, SOC2 accounting standards, and ISO information security standards to use.
- Restricted Access & Network isolation: The web application can be configured to be publicly accessible or from IP masks. Also Web Application firewall and Internal Load Balancer in Azure Virtual Network provide isolation of app from internet
- Built-in HTTPS support: All App Service apps comes with a free SSL/TLS certificate so that we can have in-transit Encryption (and a trust level certified by a third-party authority) without having to buy anything.
- Application Secrets: App Service app can be integrated with Azure Key Vault for advanced secrets management.
And here’s a bonus tip: As you take steps to protect your member data, let your members know. Tell them about the data security precautions you have in place, and your members are more likely to trust you with their data. That trust will then translate into a better member experience and, ultimately, greater member loyalty.
Let our team share more best practices for keeping your member data safe. Contact us today for a demo.