Working Smarter

Cloudy, With a Chance of Hacking

A potential breach at Evernote raises concerns about the security of cloud-based applications used by meeting professionals.

This past March, people who held accounts with the popular cloud-based notetaking and archiving application Evernote received an email requesting that they change their passwords “as a precaution to protect your data.” Several days earlier, Evernote staff had become aware of “suspicious activity” that may have been a coordinated attempt to access its secure servers. What information might the hackers have been after? Potentially not just account holders’ usernames and passwords, but credit-card information for paid subscribers — and access to the information users stored in Evernote, which was launched five years ago.

Along with notetaking, Evernote enables users to capture clippings from the Web, collaborate with friends and colleagues on projects, and even scan documents that can be easily accessed from any device — laptop, desktop computer, tablet, or smartphone.

Meeting attendees and planners alike have found Evernote and similar apps to be a boon. “While attending [PCMA] Convening Leaders [2013] and listening to Oren Klaff talk about Pitch Anything, I realized there was a lot to take in,” Christine Shimasaki, CDM, CMP, managing director of DMAI’s, wrote in a LinkedIn discussion.

“So I took notes on my iPad in the Evernote app and even took a picture of a slide I wanted to capture and poof… the image landed right there in the middle of my notes!” Mary Lou Coupal, CMP, business development manager at Montreal-based JPdL International, chimed in to the discussion: “Last year, one of our JPdL Intl. project managers responsible for a major international congress worked on site entirely from her iPad; she was able to share documents and communicate last-minute changes in real time to all suppliers and [the] venue.”

When storing or sharing documents in a cloud-based service like Evernote, any data stored lives on that company’s servers. This means it’s conveniently accessible any time, on any device, providing the account is synced when it’s connected to the Internet. But if that company’s servers are targeted, there’s no safeguarding users’ notes from prying eyes, unless they’ve encrypted (or scrambled) the data before storing — a step that many or even most users might not know how to take. The Evernote scare serves as a reminder that cloud-based equals public, and users need to keep that in mind when uploading, storing, or sharing information.

Of course, privacy isn’t much of a concern if you’re only sharing PDFs of floorplans. “Honestly, the stuff that I’m doing at the meetings and events level, none of it’s all that proprietary,” said Missy Johnson, CMP, senior manager of meetings and events with Lockton Companies. While she doesn’t use Evernote, Johnson has found other tools useful, including iAnnotate, a tablet app that allows users to upload, take notes on, and share PDFs; and SignUp4, event-management software that streamlines the meeting-registration process. “When I get on site and I’ve got my iPad,” Johnson said, “I just try to reference all those electronic copies of all the [meeting] materials … so I’m not carrying around a big binder or a bunch of paperwork with me.” 

Katie Kervin

Katie Kervin was formerly assistant editor of Convene.