Do you work in a non-profit organization? Or you might be on the board of directors of a charity or active in a professional or service organization in your community. If so, you know that this organization collects a variety of private information, including details about members or the people you serve and financial information related to donors. Your own personal information may also exist in the organization’s employee and volunteer records. Cybercriminals are eager to get their hands on this data. You can help protect your organization by implementing the same common-sense principles that security-focused executives use in businesses across the country. FTC.gov/Cybersecurity is a good source for honest advice.
At FTC.gov/Cybersecurity, you’ll find resources on 12 different topics, including cyber scams like ransomware and phishing, key considerations like physical security and vendor security, email authentication, and more technical guidance. The new information reflects the FTC’s experience in data security, privacy protection and fraud prevention, as well as the expertise of the SBA, NIST and the Department of Homeland Security. These resources are designed for small businesses, but the same tips and information apply to charities and other nonprofit organizations.
The basic principle is that if any group (including not-for-profit organizations) collects information about people, they should protect that information. Imagine if a donor’s credit card was exposed due to a phishing scheme, or the network was blocked due to a ransomware attack. This can be devastating not only for the organization and leaders like you, but also for the communities that rely on the organization’s services. To help protect your organization’s network and data, make cybersecurity a daily part of your business.
You can start with these basic cybersecurity tips:
- Use security software and set it to update automatically.
- Offline backup of important files to an external drive or cloud.
- Encourage organizations to develop policies covering basic cybersecurity and train employees and volunteers on these policies.
- Visit www.FTC.gov/Cybersecurity and share the fact sheets, quizzes and videos with your colleagues.
