Improve Your Not-for-Profit’s Cybersecurity

Improve Your Not-for-Profit’s Cybersecurity
With limited resources, sometimes not-for-profit organizations can overlook cybersecurity. However, cybersecurity is critical for NFPs of any size, especially those that collect and store sensitive data such as donor information, employee records and credit card information. A data breach can be detrimental to the financial health of the organization, but a damaged reputation can be even more crippling.

Below are some tips to help improve security in your system.

  • Cypersecurity artCreate a cybersecurity plan.  A written plan will help you keep track of when passwords should be changed, when firewalls and virus protection should be updated and when other aspects of your technology are due for a review. The plan should also address how you store different kinds of sensitive data and help you find any potential security hazards.
  • Make sure employees follow security policies. Organizations of all sizes should make sure employees follow all general security protocols. If employees are not familiar with security policies, sensitive information could end up where it shouldn’t be. Training employees is one of the most important things that an organization can do, since it is often through an employee that confidential information can accidentally be revealed.
  • Get technical help. Smaller not-for-profits sometimes don’t have the resources to hire a full IT department to protect the organization’s security. We recommend using a third party to help identify any potential risk and set up and manage a data security program. Third-party domain providers such as WordPress and GoDaddy often include IT Technical Support that can help keep important data more secure.
  • Update technology. Using an outdated operating system such as Windows XP can make it easier for hackers to infiltrate systems where confidential information may exist. It might save money as a short-term solution, but in the long run, it could end up costing a business a lot more if confidential information is taken. Invest in software and hardware updates when it makes sense.
  • Look into local educational resources about cybersecurity. Resources are available locally and on the web to anyone wishing to know more about cyber security and how it can affect your organization. For example, the Missouri Research and Education Network (MOREnet) offers conferences and educational materials and the State of Missouri offers cybersecurity information on its site.

ALTERNATIVE INVESTMENTS: DUE DILIGENCE AND INTERNAL CONTROL CONSIDERATIONS FOR NOT-FOR-PROFIT ORGANIZATIONS. In recent years, investors’ appetite for alternative investments, such as private equity, real estate investment trusts, venture capital, hedge funds, funds of funds, and commodities, has grown among for-profit and not-for-profit (NFP) organizations alike. Returns from alternative investments generally have a zero, or in some cases an inverse, correlation to traditional investments such as stocks and bonds, so they are used as a potential counter to offset market volatility.
WHAT NONPROFITS AND GOVERNMENTAL EMPLOYERS NEED TO KNOW ABOUT THE PROPOSED 457(f) REGULATIONS. This summer, the Internal Revenue Service issued proposed regulations to update and provide clarifying guidance to Internal Revenue Code Section 457(f), which governs deferred compensation plans maintained by most tax-exempt and federal government entities. At the same time, proposed regulations under Section 409A were issued, which would also impact certain employment agreement provisions, severance arrangements and other similar compensation packages.
WOULD YOU LIKE TO PUT MORE MONEY AWAY FOR RETIREMENT? As we near the end of the year, it is a good time to start thinking towards the future and your ultimate goal…retirement! If you are ready to start saving or to increase the amount you are currently contributing, now is a great time to consider your options.

Posted By Kody Ferrin on 3-24-2017 | Topics: Articles, News,