Nonprofit Best Practices: Cybersecurity Basics, Part 2

nonprofit best practicesHow can nonprofit organizations prevent potential cyber attacks and data breaches?

As we established in our last article, nonprofits are at risk for data breaches and cyber attacks. There are many reasons for the unique vulnerability of nonprofits to come under attack: understaffed, underfunded for IT upgrades, and a false sense of security (“we’re too small to be hacked” mentality) all make nonprofit organizations a plum worth picking for many cyber criminals.

Everyone gets caught up in the daily demands of running an organization. IT needs, especially security, are often relegated to the bottom of a to-do list. A report entitled The 9 Biggest Information Security Threats for the Next Two Years outlines areas of particular threat. It’s worth a read to identify and protect against threats.

Nonprofit Best Practices to Assess Against Cyber Risk

  1. Mobile technology: Mobile technology is attractive for hackers because it offers more points of entry for an attack which they can exploit. Have you conducted robust resilience planning by looking at all of the access points in your systems?
  2. Securing valuable data: Some data is more valuable to hackers. Have you assessed and prioritized the protection of your most valuable information? Have you considered cyber insurance?
  3. Contingency planning: If your organization is targeted in a cyber attack, what could be the possible outcome? What is the potential harm to your organization and its donors? What are your organization’s plans in case of an Internet attack? How will your organization continue to operate day-to-day?
  4. Assess your system: Many people believe their system is more robust than it is. Have you assessed your system’s current security?
  5. Spread the risk: Exclusively using the products and services of a particular company can be appealing for an organization, but this can also put your organization at risk if your vendor is targeted. Have you diversified your technology and suppliers to reduce your risk of cyber-attack?
  6. Invest in updated technology: Technology is very expensive, and most organizations seek to save money where possible, but saving tech money at the expense of Internet vulnerability can result in a disaster for your organization. Is your system updated to deal with modern security threats?
  7. Update plugins and software: In addition to investing in new technology, simply updating plugins on WordPress sites, adding patches when software companies alert you of their availability, and upgrading, whenever one is available, can close loopholes open to cybercriminals. Have you updated your software recently?
  8. Assess global risk: Many organizations are active members of the global community. Do you realize that threats of cyber-attack come from both global and local sources?

We trust that these nonprofit best practices to assess and guard against cybersecurity threats are helpful. If you’d like to speak with someone about your organization’s security needs, the team at RBP Methods is happy to help.

RBP Methods

RBP Methods helps right-brained people navigate a left-brained world. We offer consulting and software that conforms to nonprofit best practices and are happy to discuss security and other needs with you. We offer software for nonprofit financial management, donor and grant management, and more to help your organization run smoothly. Contact us today or call 503-648-9051.