If You’re Managing Your Association Online – It’s Gotta Be Secure

Your AMS houses a large amount of sensitive member information. Ask your provider how your information, and the system as a whole, is protected against breaches. Part of creating a reliable experience and growing your membership is assuring security.

It’s an unfortunate reality of the internet era, but cyber crime does happen. Fortunately, neither you nor your association has to be impacted by online theft, hacks or scams. You just have to make sure you are implementing an AMS whose provider makes it clear that security is integral in their offering.

However, the whole security thing can be confusing. What makes an AMS secure? Below are some questions to keep in mind when discussing system security with the prospective provider. You don’t need to be a tech guru to gain an understanding of a particular provider’s competence regarding security. Evaluate each association management software’s security with the below topics.

Cloud Reliability
The cloud computing platform that your prospective provider pairs with their AMS solution is key information for you in confirming whether it will be adequately secure to protect your members and the association as a whole. There are many cloud platforms (Kamatera, phoenixNAP, Amazon Web Services, Oracle Cloud, Microsoft Azure, Google Cloud Platform, Salesforce and Verizon Cloud being just a few of the popular cloud services), however, it is good practice to identify which service the prospective provider utilizes so you can better educate yourself on its strengths and weaknesses.
Data Storage
Where, physically, is the member management system’s data housed? Depending on who your members are and where they are based, legal requirements may dictate that their data must be stored in a specific jurisdiction. Also, where the data is physically stored – how is it stored? That is, what type of hardware is the data stored on and how are they maintained and protected from breach?
Data Backup
Make sure to inquire how often your AMS data is backed up, and if there are redundancies provided. Backups should be conducted at frequent intervals to ensure new data entered into your association management software is captured into storage. If backups are not conducted frequently, large amounts of data could be lost.
Data Transfer
In the event that your association makes the decision to switch from one AMS solution to another, does your current provider have an established plan for offloading your data to you in a secure and lossless manner? It is unacceptable to lose your data during hand-off, nor is it acceptable for your data to be intrinsically tied to the provider. Make sure the provider describes clearly how a data transfer would occur, should the need arise.
Password Protection
Gaining access to your AMS should be gated by a login portal, requiring members to enter their own custom (and changeable) username and password. Members should receive an automated email from the system annually, suggesting they revise their password to prevent profile hijacking / unauthorized access to personal information.
Session Expiration
At a predetermined duration of inactivity by a logged in member, your association management system should time them out and expire their login session – requiring they re-enter their login details to regain access to their account.
Partitioned Areas
Your AMS should allow you to setup areas that are designated for selective access only. These “rooms” on the association management system house potentially sensitive information and require special permissions to access.
Provider Privacy Policy
The provider of your prospective membership management software should have an established and robust Privacy Policy in place, making it clear their intentions for storing your data (and only storing your data without sharing or dispersing information).
Payment Authentication Processes
Your AMS provider should be able to clearly explain how they protect your association and its members when conducting transactions on the association management system platform. This may be the most targeted process on your member management software, so your provider should have measures in place to prevent infiltration from cyber criminals.

The security of your AMS is not top of mind when searching for a solution that meets your needs. You expect your information to be secure and your members to be protected – that’s just assumed. However, ensure you make the topic a considerable part of your inquiry when speaking with your prospective AMS provider – don’t assume. Security isn’t as interesting as the whizz-bang features, but if your security fails, no one will care about the whizz-bang. Invest in a secure association management software.