For any facility that books birthday parties, we strongly recommend allowing your customers to book their parties online. As we've mentioned before, there are a lot of advantages that come with online party bookings. However, any time you offer an online service, there are always security concerns that need to be addressed.
1. Encryption - Any time you are operating a party booking form on your website, you should strongly consider encrypting the form submission. If you don't, you risk someone intercepting their personal data for malicious purposes. If you are accepting credit cards, this as an absolute requirement, not a recommendation. This can require the purchase of an annual SSL certificate, unless your party booking software provides one for you.
2. Data Security - After you collect the party parent's information, is the data secure? If it's being emailed to you, then it isn't secure. Email is an inherently insecure communication system. Instead, the data should be either transmitted to your local party booking software or be made available on a website. Any email should only be for notifications, and shouldn't contain sensitive party booking details.
3. Server Security - How secure is your web server? If a hacker can compromise your server, they can collect the form data for themselves, even if you use SSL encryption for the communications. They can also use your website to place zombies and viruses on your customers' computers. Server security requires constant maintenance, and we recommend that your online party booking server be maintained by experienced professionals.
4. PCI Compliance - Are you taking a customers credit card deposit as part of the online party booking? If so, you now need to make certain that your web server is secured in accorandance with credit card regulations, known as PCI compliance. It is important to be certain that your party booking software is PCI compliant, otherwise you are at risk for very large fees if there is a security breach.
5. Spam Control - If you are requiring credit cards for an online booking, that generally acts as its own spam control system. However, if you are simply operating a request form you will quickly find yourself inundated with spam requests. Usually, a simple bot prevention system like reCaptcha can help you reduce the spam considerably.
At CenterEdge Software, we take care of all of these online party booking concerns for you, so that you don't need to worry about them. But, even so, it is always important to make sure you are aware of all the security issues that can arise.