Joanna Pineda

Joanna Pineda
CEO & Chief Troublemaker

The One Thing You Should Do to Make Your Database More Secure

Every day, we hear about another big data breach. Last year, Yahoo! revealed that 500 million user accounts had been breached. eBay had 145 million accounts compromised. The numbers are getting so big, we’re numb to them.

In some cases, sensitive data was leaked. In others, millions of emails are getting a new flood of spam.

If Yahoo!, the White House, eBay, Anthem, OPM and NATO can get hacked, how can organizations like yours stand a chance and secure your members’ data?

Here at Matrix Group, we believe that every organization needs layers of security so that if one layer (e.g., a firewall) is breached, there is another and another.

But here’s one simple thing you can do to make your database more secure: make sure your user passwords are encrypted.

Why do this? If a server has been compromised, aren’t the individual passwords that least of our worry? Not really.

It turns out most people reuse passwords. Which means if one of my passwords gets hacked AND the password is not encrypted, hackers can try my username and password combination on other sites, including online banking and eCommerce sites.

I hear from clients who say they get many customer service calls from members who forget their passwords. They want to be able to view a member’s password so they can provide good customer care. While I understand this, I don’t think helping out a few hundred members a year is worth the risk to the other tens of thousands. Any database worth its salt has a password reset, which you can easily send to members.

If the passwords in your membership database are not encrypted, please, please ask your vendor to do so ASAP. Don’t wait. Don’t hesitate. Do it now!

 

Joanna Pineda

Joanna Pineda
CEO & Chief Troublemaker

Help, My Most Important Member Just Got Deactivated from the Database and The Importance of Data Entry Verification

The CEO of one of my clients called in a panic to say that the database deleted the profile of an important member. He was the primary contact at one of the association’s larger members. “Help,” my client said. “When I went to look for his number, his record was gone. This guy is really important. What happened?”

Turns out one of the association’s admins had deactivated the member’s record after receiving a bounce from a mass mailing. She had been instructed to do so by her boss and did it without thinking.

“Oh my God. I can’t have admins just deactivating important members! What can you do about it?” Well, MatrixMaxx has the Change History Report by person and by company. In MatrixMaxx you can also run a report of changes to primary contacts, titles, etc., so this association can and should be looking at deactivated records, changes in titles, etc., to see if any changes have far-reaching consequences for the association.

What we can’t do is stop association staff from making certain types of database changes, unless a client wants to invest in potentially costly programming to limit access to specific tasks.

You see, assuming you have the tools to run these reports, this isn’t a technical issue. As an association, you want to have clean data and clean data means cleaning up bounces. But not all email bounces mean a person has left an organization. It could be that the email server was having trouble that day; or it bounced messages after reaching a threshold number of the same email going to people at the same domain; or the anti-spam filtering didn’t like some words in your email.

Who the heck knows? All we know is that it’s important to review data entry changes to your database and to have policies in place so that certain types of database changes (e.g., primary contact leaving, big title change, move to a different state) get escalated to someone higher up in Membership or even to the President of the organization.

One association CEO and MatrixMaxx user runs the change history report once a month and sends congratulations emails to members who have just received promotions, calls members who have switched jobs, and contacts organizations when a key contact leaves the company. How smart is that?

BTW, this happened at Matrix Group last year. An admin who had not received proper training was given the task of deactivating people whose emails had bounced in MailChimp. The results? Some really important clients and consultant partners stopped receiving our newsletter and almost didn’t receive a holiday card. Yikes! Thank goodness we caught the problem and have since strengthened our database management training.

Don’t let this happen to you! Invest in data entry training that goes beyond the technical. Develop an escalation protocol to report important database changes. Tell your admins to escalate when in doubt.

Joanna Pineda

Joanna Pineda
CEO & Chief Troublemaker

Is it Time to Add Diversity and Inclusion Demographics to your Membership Profiles?

I registered for an ASAE (American Society of Association Executives) meeting a couple of weeks ago and was surprised that the registration form asked about my gender, race and ethnicity. It felt a little intrusive for ASAE to be asking these questions. But I dutifully answered the questions because I’m a proud Filipino-American.

This experience got me thinking. Today’s association executives are thinking hard about strategies to widen their reach. They’re looking to attract millennials and people from groups that have historically not been involved in the association.

I’m thinking about a finance association that Matrix Group works with. My Content Strategist, Elaine, and I are helping this organization create personas of their target audiences. As we always do, we made up names for the personas and made them a mix of genders and races. When the client saw them, he laughed and said, “I wish my association were this diverse. Truth is, most of our members are middle-aged, white men.”

Finally, I’m thinking about the trade association that’s looking to attract the next generation of leaders to its membership ranks. They next generation is comprised of Generation X, Generation Y and Millennials. They are less apt to join and they are more tech-savvy.

So how do we know that we’re making progress toward attracting new audiences if we don’t track the proper demographics? How will you know if you’re increasing the number of women in your committees? The number of minorities in your Young Leaders forum? Etc.?

I say it’s time to have a conversation with your Membership Committee and your AMS vendor about updating the demographics you collect. Your members may be reluctant to provide this information at first, but if you provide a respectful and well-reasoned argument for WHY you collect this data, I bet you’ll have at least some of your members filling out these fields. You can and should also fill in this data on the staff side, to supplement member-provided data.

Here’s to 2017 and to your association having more and better data!

Tanya Kennedy Luminati

Tanya Kennedy Luminati
MatrixMaxx Product Manager

Question: Does a Member Login REALLY cost you sales?

The Big Question

maxxlogin_mmI am seeing a battle brewing in the association market regarding the need for users to log in to a site or service. The big question: If there is a member login, does it cost the organization sales – if the member is presented with a login, will they go away, never to return?

For pure consumer sites – especially for non-essential luxury items – the answer to this question is probably “yes.” It gives the user a chance to sit back and say “Ugh. Do I really need this cute metal rooster for my garden?” So these types of sites are doing all sorts of things to make checking out as fast, easy, and painless as possible.

But what about for membership organizations, whose members have purposefully joined the group presumably because they want to interact, engage, learn, and attend?

In interacting with my clients, I am seeing the following trends:

  • IT and operations teams don’t just want a login, they want to add 2-factor authentication (2FA or TFA) to make it more secure. They do NOT want to risk a breach that must then be explained to the Board and members.
  • Membership teams want the login to stay as it is to ensure a unified member record and experience. i.e., all of their meeting, committee, interaction, transaction and communication history is tied into one record that is searchable, sliceable, studiable
  • Marketing and Communication teams want no barriers and no logins. They want the user to be able to click a link in an email that says “Register Me!” and that’s it. One step. Conversion. Done.

This conversation gets particularly heated about meetings/events, some of which may even be free for members. The crux of it: Are we driving away members who might otherwise attend because they are finding it too onerous to log in?

Research

One membership association embroiled in this discussion wanted to see some numbers to quantify the debate. So we looked into their analytics and pulled out one simple piece of data: how many users exited at the login page that leads to the registration form? This does not necessarily mean that these members didn’t come back and register later, and it doesn’t tell us why they left, but it is a piece of information that can be used in the discussion.

For this one member-based trade association in the last year, there was an 11% average exit rate for those who landed on the meeting registration login page.

Awesome. But what does this mean? How does this compare? Is this normal? Great? Horrible? The MatrixMaxx AMS team researched this rate to get a benchmark on industry ‘norms’. An internet search didn’t reveal too much:

  • A lot of webmasters seem to be reporting exit rates of 40% ( source )
  • Conventional wisdom seems to be saying that for a basic B2C site, an exit rate of 50% seems expected, but for a member-based site it should be ‘much lower’ ( source )
  • One group noted that the average non-profit exit rate was 18%, but that was more than six years ago, and there is a lot more info competing for our attention now ( source )

So the MatrixMaxx AMS team did our own exit-rate research, pulling from a sample of about two dozen of our own member-based association organizations. For our member-based organizations, for the last year, we were seeing a 9-17% exit rate from the meeting registration login page (an average of 12.5%).

So our trade association client with an exit rate of 11% on the meeting registration login is better than average! Now we’re going back to dig even deeper. Why are these people exiting? Do they come back? How can we improve the experience but still maintain a secure, unified member profile?

What experiences and exit rate statistics are others seeing in the membership organization (trade association and professional societies) market? The more bench-marking data we can all share, the better we can make informed decisions.

Joanna Pineda

Joanna Pineda
CEO & Chief Troublemaker

Your AMS: What Doesn’t Matter?

What happens when you’re told that what you’re doing doesn’t matter? It’s part of your decision-making process! How can it not matter?

Gretchen Steenstra, Senior Consultant at Delcor Technology Solutions is the kind of person who poses that kind of question.

I got to catch up with Gretchen during the AMS Fest hosted by ReviewMyAMS‘s Teri Carden. Gretchen shared with me the session “she should have done” at the festival.

Her message? CRM vs. AMS doesn’t matter. Platform vs. Premise doesn’t matter. The current obsession with CRM and other tools and tricks is overblown.

Check out our Matrix Minute on what really is important when it comes to your AMS.