Discover Top 5 Nonprofits Cybersecurity Tips

nonprofits cybersecurity computer

Remote work is here to stay, and the nonprofit world is no exception, but nonprofits cybersecurity is critical. According to a recent survey carried by Nonprofit HR, more than 60% of organizations are considering remote work as a long-term solution. This decision has much to do with what benefits organizations experienced in 2020. In fact, Nonprofit HR found that 70% of organizations saw positive results from remote and hybrid environments.

Yet, all changes bring new responsibilities. As nonprofits seek to transition to remote or hybrid mode, it’s important to incorporate cyber hygiene practices that will keep nonprofits safe from hackers. So, here are our top 5 cybersecurity tips:

Nonprofits Cybersecurity Tip 1: Have an Updated Antivirus

Having an antivirus software is a must for any internet user. It will prevent malware from damaging devices or networks in case a user clicks on an infected link or file. But remember, having an antivirus doesn’t suffice in this day and age. It’s just a first step to being nonprofits cybersecurity compliant!

Nonprofits Cybersecurity Tip 2: Arm up your [email protected]!1

Nonprofits store donor data that is valuable on the deep web. Information, such as names, emails, or bank details, is appealing to cybercriminals, which makes nonprofits a prime target. Think of passwords as the key to your fortress. If your organization’s key can be easily duplicated, you might be at imminent risk. So, here are some essential elements that strong passwords must have:

● At least 8 characters long

● A mixture of lowercase and uppercase characters

● At least 1 special character, e.g., & ! @ $

● A mixture of letters and numbers

You can also use a password generator like the one available in Lastpass. It’s a free tool (so no need to sign up or subscribe) where you can customize the length, readability, and the type of characters you want to include.

password generator website

While having a strong password is key, using it in more than one credential might undermine your efforts. Try to use one unique password per account, as it’ll be more difficult for hackers to get access to more than one credential in case of a data breach. For that, you can use password management tools like Lastpass or NordPass.

If you want to take nonprofits cybersecurity to the next level, use Two-Factor Authentication tools when logging into your accounts. Instead of just asking for your username and password, a Two-Factor Authentication process requires verification factors that will decrease the chances of hackers invading your organization.

2FA Cybersecurity Network

Nonprofits Cybersecurity Tip 3: Install an Email Filter

Nonprofits have become a primary target of phishing emails. Each year more than 19,300 organizations file a phishing attack complaint to the FBI.

How does it happen?

Users inadvertently open what seems to be a legitimate email from one of their coworkers, and either download an infected file, or reply, giving away sensitive information. Then, hackers get access to their devices or accounts and steal assets.

This is what happened to One Treasure Island in December 2020, after cybercriminals got access to the organization’s email system. They created a real-looking email address to impersonate an employee and manipulated wire transfers. After the attack, the nonprofit lost $650,000 in funds.

As a nonprofit, your mission and operations depend on your donations. Having an email filter like Barracuda will help your organization scan and filter external (and internal) email activity on your connected networks. It’s a way to prevent you from losing your fundraising efforts through a phishing attack.

Nonprofits Cybersecurity Tip 4: Promote Cyber Hygiene Practices

Good nonprofits cybersecurity, such as having an updated antivirus, strong password, and reliable email filter are essential to keep hackers at bay, but spreading cyber hygiene habits is just as important. The best way to introduce your staff and volunteers to cybersecurity practices is by providing regular training. Take the time to educate them on how nonprofits cybersecurity impacts your organization’s mission and operations to make it a part of your culture.

Also, try discussing some data breaches, which you can find in the news, to practically raise awareness on the economic and organizational consequences of a cyber-attack. Between training sessions, consider having a set of shared  nonprofits cybersecurity guidelines for your organization. It’ll help your staff and volunteers avoid any miscommunications and stay more organized.

Another way of promoting cyber hygiene is by sending updated tips to help maintain cybersecurity. It’ll prevent your organization from falling into the newest cyber attack trends and reinforce cybersecurity as a team effort.

Nonprofits Cybersecurity Tip 5: Conduct a Cybersecurity Risk Assessment

Cybersecurity Risk Assessments provide an in-depth understanding of the existing risks and vulnerabilities your organization is currently facing. It’s the most accurate way to map out how to better protect your organization from cybercriminals.

How is it performed and what to expect from it?

Through research and interviews, your organization will obtain a cybersecurity score and a detailed report indicating your current situation. Once you have everything outlined, you should receive a 1-year roadmap to guide your nonprofit to improve its security and align your risk with acceptable tolerance levels.

Additional Resources:

This free tool will help you generate more secure passwords.

These tools will help your organization safely store all passwords and credentials.

Filter and scan all incoming emails to prevent phishing attacks and protect your organization.

This Guide will help you understand how cybersecurity can support your mission.

This checklist will help you understand where your organization is vulnerable. Use this as a starting point in your next cybersecurity meeting.

Understand your organization’s current security posture. The knowledge gained through this assessment will help guide the decisions that will need to be made to improve your security and align your risk with acceptable tolerance levels.

Need a team of experienced cybersecurity professionals to help you put the 5 tips above into action? Makaye InfoSec is here to help. We provide Cybersecurity solutions for nonprofit organizations. Schedule a meeting to get started.

Cybersecurity checklist for nonprofits to protect partners and sponsors

Get in Touch

  • This field is for validation purposes and should be left unchanged.

Archives

Is your organization at risk from cyberthreats?

Find out with our Cybersecurity Checklist for Nonprofits