Improve Your Not-for-Profit’s Cybersecurity
Posted On: 3-24-2017 | Posted By: Kody Ferrin
With limited resources, sometimes not-for-profit organizations can overlook cybersecurity. However, cybersecurity is critical for NFPs of any size, especially those that collect and store sensitive data such as donor information, employee records and credit card information. A data breach can be detrimental to the financial health of the organization, but a damaged reputation can be even more crippling.
Below are some tips to help improve security in your system.
- Create a cybersecurity plan. A written plan will help you keep track of when passwords should be changed, when firewalls and virus protection should be updated and when other aspects of your technology are due for a review. The plan should also address how you store different kinds of sensitive data and help you find any potential security hazards.
- Make sure employees follow security policies. Organizations of all sizes should make sure employees follow all general security protocols. If employees are not familiar with security policies, sensitive information could end up where it shouldn’t be. Training employees is one of the most important things that an organization can do, since it is often through an employee that confidential information can accidentally be revealed.
- Get technical help. Smaller not-for-profits sometimes don’t have the resources to hire a full IT department to protect the organization’s security. We recommend using a third party to help identify any potential risk and set up and manage a data security program. Third-party domain providers such as WordPress and GoDaddy often include IT Technical Support that can help keep important data more secure.
- Update technology. Using an outdated operating system such as Windows XP can make it easier for hackers to infiltrate systems where confidential information may exist. It might save money as a short-term solution, but in the long run, it could end up costing a business a lot more if confidential information is taken. Invest in software and hardware updates when it makes sense.
- Look into local educational resources about cybersecurity. Resources are available locally and on the web to anyone wishing to know more about cyber security and how it can affect your organization. For example, the Missouri Research and Education Network (MOREnet) offers conferences and educational materials and the State of Missouri offers cybersecurity information on its cybersecurity.mo.gov site.