Data security and management tips

Good account administration practices Engaging Networks help to ensure data integrity, security, and optimal functionality. Here are some key practices:

1. Monitor User access and permissions

   • Super Admins should regularly review Users in your Engaging Networks account

   • Ensure Users have the correct level of access using permission groups and things like content view and data view. Users should only have permissions for and access to the content and data required to complete their job tasks (i.e. principle of least privilege)

   • Staff who leave your organization should have their access revoked by setting their User to inactive or by deleting the User. Read more here about managing Users.

   • Super Admins can check the audit log to see User activity.

2. Enable Two Factor Authentication

   • Two Factor authentication provides increased security as it requires Users to provide two levels of identification prior to gaining access to your Engaging Networks account

   • Some compliance legislation requires Users have 2FA enabled

3. Keep passwords secure

   • Use strong password policies (in addition to the password requirements enforced by Engaging Networks)

   • Never send passwords via email or chat as neither are secure

4. Do not send sensitive data by insecure means

   • Only share sensitive data with Engaging Networks, or other members of your team using a secure file sharing service like Egnyte.

   • Never send data like passwords or API tokens via email, chat or other unencrypted means

5. Know what legislation might impact your organization and ensure you’re compliant

   • For GDPR, for example, supporters’ data should not be stored in Google Analytics. Supporter data should not be used in URLs that might be logged by Google Analytics. For example, be careful when using the Form Dependency Redirect, which redirects as soon as the condition is met and pre-populates the landing page from data it places in the URL.

6. Fraud and spam management

   • Set up email or SMS notifications to be notified if fraud is detected on your pages.

   • Familiarize yourself with Engaging Networks' fraud management tools as well as those for your payment gateway.

7. Be careful when importing and deleting data

   • Make sure you have robust procedures in place when your Users import or alter data in some way. Many of these processes are irreversible, and so mistakes can be hard to correct. 

   • Regularly back up your data and have a recovery plan in place

8. Close or delete pages that are not being used

   • Minimize your exposure to fraud and spam by limiting the number of pages you have live

   • This can also reduce your maintenance needs as there are fewer pages to maintain

9. Regularly review templates and pages for assets with vulnerabilities

   • Vulnerabilities are continuously being uncovered for assets you might use on your Engaging Networks templates and pages

   • Review your pages regularly to ensure these assets are updated or removed once vulnerabilities are uncovered