Keeping Your Data Safe from Cyber Attack in the Year of COVID
RESULTS Technology is a Nonprofit Connect Business Premium Member. They specialize in providing computer support services to help nonprofits improve operational efficiency, increase mission impact and manage expenses. Learn more about services.
As if 2020 wasn’t hard enough, now cyberattack records are being shattered nationwide. Covid has given cybercriminals an endless buffet of cyber-based ammo and unfortunately, nonprofits are low hanging fruit.
Because many nonprofits believe that they do not have the time or financial resources to keep up-to-date with the latest cybersecurity advice, the cyber criminals often see them as easy targets. Donated laptops don’t get wiped, volunteers don’t always get thoroughly vetted or trained, and IT systems are sometimes not kept up-to-date with the latest cybersecurity tools.
Protecting your nonprofit doesn’t have to be hard to implement or expensive, but it does need to be strategically planned, implemented and managed.
Here is what we suggest.
1. Security Awareness Training
If you can’t do anything else, do this. In March 2020, phishing attacks were up over 667%. A well-executed phishing attempt can cause your donor or client’s confidential information to be breached, ransomware or a loss of data. Phishing attacks have become very sophisticated. Many phishing emails do not contain links, spelling or grammatical errors or attachments. It takes a trained eye to spot today’s phishing attempts.
Typical Security Awareness Training consist of self-paced, online training followed by phishing attempts sent by you or the training vendor. You can gauge the effectiveness of the training by seeing who in your organization “bites” and then re-educate them as necessary.
Educating your staff and your volunteers to recognize these attempts is the first step in protecting your client and donor’s confidential information.
2. Keep systems up to date
Technology is moving at a fast pace. Hackers are always upgrading their tools to take advantage of outdated security systems, so nonprofits should do likewise to protect their valuable resources.
Saving money by keeping old computers and network devices with unsupported operating systems could result in far greater losses.
3. Back up frequently
Although you’ve implemented several layers to your security, sometimes hackers can still find their way in. This is why you need to back up data frequently, whether it’s on-site, off-site, or by way of cloud backups. In the worst-case scenario where your systems do get infiltrated, you can restore lost data from those backups.
4. Use Two-Factor Authentication
Using a complicated password to secure your system is no longer an effective way to solve the issue of cybersecurity. We tend to use that same complex password in our email accounts or bank accounts, and if one of your logins is compromised, this can result in grave consequences.
Two-factor authentication (2FA) adds an extra layer of security for your systems and accounts, particularly when accessing them remotely. It can be a time-sensitive auto-generated code that is sent to your mobile phone or a dedicated device. This security feature works in the same way websites would require you to confirm your email address. They want to make sure that you’re not a bot or anything else.
5. Email Encryption
Email Encryption is a great obstruction to hackers, since it ensures that sensitive information is always sent over encrypted channels. In the past, encryption could be hard to use and costly but now, it can be as simple as putting your subject line in brackets.
6. Monitor and manage systems.
You can have the best intentions to keep your systems safe, secure, patched and up to date. But without the ability to monitor and report on the current status of the devices and computers on your network, you can’t be sure that antivirus is in place, patches are current and unsafe applications are not installed. Monitor all computers and act on reports that show problems.
It’s much more expensive to recover from a data breach than to prevent one. Create a plan today and implement these changes to keep your data secure.
Stay up to Date
Get Nonprofit Connect's new blog posts and latest insights in your inbox. Subscribe to The Link weekly email newsletter.