Data security and management tips
Good account administration practices in Engaging Networks help to ensure data integrity, security, and optimal functionality. Here are some key practices:
Monitor User access and permissions
Super Admins should regularly review Users in your Engaging Networks account
Ensure Users have the correct level of access using permission groups and settings such as content view and data view. Users should only have permissions for, and access to, the content and data required to complete their job tasks (i.e. the principle of least privilege).
Staff who leave your organization should have their access revoked by setting their User to inactive or by deleting the User. Read more here about managing Users.
Super Admins can check the audit log to see User activity.
Enable Two Factor Authentication
Two Factor Authentication provides increased security because it requires Users to provide two levels of identification before gaining access to your Engaging Networks account.
Some compliance legislation requires Users to have 2FA enabled.
Keep passwords secure
Use strong password policies (in addition to the password requirements enforced by Engaging Networks)
Never send passwords via email or chat as neither are secure
Do not send sensitive data by insecure means
Only share sensitive data with Engaging Networks or other members of your team using a secure file sharing service like Egnyte.
Never send data like passwords or API tokens via email, chat or other unencrypted means
Know what legislation might impact your organization and ensure you’re compliant
For GDPR, for example, supporters’ data should not be stored in Google Analytics. Supporter data should not be used in URLs that might be logged by Google Analytics. For example, be careful when using the Form Dependency Redirect, which redirects as soon as the condition is met and pre-populates the landing page from data it places in the URL.
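As an added example (not Engaging Networks code), the JavaScript below flags supporter data in a landing-page URL and builds a scrubbed copy that can be reported to analytics instead of the raw address. The parameter names, the name patterns and the sample URL are constructed assumptions, not values taken from Engaging Networks documentation.

```javascript
// Assumption: query parameter names that suggest supporter data.
// Adjust this pattern to the field names your own forms place in URLs.
const SENSITIVE_NAME = /(e-?mail|first.?name|last.?name|phone|address|postcode|zip)/i;

// Value check: catches an email address carried under an innocuous name.
const EMAIL_VALUE = /[^\s@]+@[^\s@]+\.[^\s@]+/;

// Return one finding per query parameter that looks like supporter data.
// URLSearchParams percent-decodes values, so "jane%40example.org" is
// tested as "jane@example.org".
function findSupporterData(urlString) {
  const url = new URL(urlString);
  const findings = [];
  for (const [name, value] of url.searchParams) {
    if (SENSITIVE_NAME.test(name)) {
      findings.push({ name, reason: "parameter name" });
    } else if (EMAIL_VALUE.test(value)) {
      findings.push({ name, reason: "email-like value" });
    }
  }
  return findings;
}

// Return a copy of the URL with every flagged parameter removed.
// Campaign parameters such as utm_source are kept.
function scrubUrl(urlString) {
  const url = new URL(urlString);
  for (const { name } of findSupporterData(urlString)) {
    url.searchParams.delete(name);
  }
  return url.toString();
}

// Constructed sample: a pre-populated landing page URL.
const SAMPLE_URL =
  "https://example.org/page/12345/donate/2" +
  "?supporter.emailAddress=jane%40example.org" +
  "&supporter.firstName=Jane" +
  "&ref=jane%40example.org" +
  "&utm_source=newsletter";

for (const f of findSupporterData(SAMPLE_URL)) {
  console.log(`flagged "${f.name}" (${f.reason})`);
}
console.log("safe to report:", scrubUrl(SAMPLE_URL));
```

Run the check against the redirect targets you configure before publishing a page, and pass the scrubbed URL to your analytics tag rather than the browser's full address.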
Fraud and spam management
Set up email or SMS notifications so that you are alerted if fraud is detected on your pages.
Familiarize yourself with Engaging Networks' fraud management tools as well as those for your payment gateway.
Be careful when importing and deleting data
Make sure you have robust procedures in place when your Users import or alter data in some way. Many of these processes are irreversible, and so mistakes can be hard to correct.
Regularly back up your data and have a recovery plan in place
Close or delete pages that are not being used
Minimize your exposure to fraud and spam by limiting the number of pages you have live
This can also reduce your maintenance needs as there are fewer pages to maintain
Regularly review templates and pages for assets with vulnerabilities
Vulnerabilities are continuously being uncovered for assets you might use on your Engaging Networks templates and pages
Review your pages regularly to ensure these assets are updated or removed once vulnerabilities are uncovered