Modern Security for Nonprofits

cybersecurity questions you should consider

A growing imperative for nonprofits

Nonprofits have a responsibility to provide secure, resilient, and accessible digital presence for their many diverse stakeholders. Increasing legal requirements demand a secure environment that respects staff’s and beneficiaries’ right to privacy. Many government and private donors have started mandating minimum cybersecurity and data protection standards for nonprofits, and may cease funding organizations that fail to meet their standards.

Why is your nonprofit an easy target?

Like their for-profit counterparts, many nonprofits handle sensitive information which may include donor financial data, health data, personally identifiable information, or other highly confidential matters, which can make nonprofits attractive targets for both state and criminal actors. At the same time, malicious actors know that many nonprofits lack the resources to modernize their technology and sufficiently protect themselves, making them easy targets for attack.

How does your security readiness stack-up?

Whether nonprofit boards and executives know it or not, cybersecurity and data protection are two of the most pressing issues nonprofits face. Any nonprofit operating on outdated hardware and software  is putting their organization and their stakeholders at risk. A recent survey by Microsoft shows how many nonprofits struggle to manage their IT infrastructure and data security:

  • 60% of nonprofit professionals do not have or know of an organizational digital policy identifying how their organization handles cybersecurity risk, equipment usage, and data privacy
  • 74% of nonprofits reported that they do not use multifactor authentication to access agency email and other business accounts
  • 92% stated their staff could access organizational email and files using their personal device

These statistics demonstrate many nonprofits have a significant amount of work to do to bring their cybersecurity and privacy practices up to date. Considering that 43% of cyberattacks target nonprofits and small organizations, the case is clear: nonprofits must take the necessary steps to protect their donors and beneficiaries.

Six important Cybersecurity questions

Breaches, compromised data, and cyberattacks can put  your workers, beneficiaries, and your organization at risk, disrupt nonprofit operations and services, expose nonprofits to liability, and tarnish the reputation they have painstakingly built. Consider the following cybersecurity questions for your organization:

  1. Can you identify the security risks within your nonprofit?
  2. What safeguards do you have in place to protect against security threats? Do you have access control procedures? Is your staff trained on security awareness? Did you establish data security practices?
  3. Can you detect security incidents?
  4. Can you respond to security incidents? Do you have a plan in place?
  5. How do you recover from a security incident?
  6. Have you implemented specific, high-value security controls such as backups, software updates, multifactor authentication, remote access policies, system monitoring, and restrict or managing usage of personal mobile devices?

Cloud Solutions for your Cybersecurity Problems

It’s clear that nonprofits face several challenges in developing and implementing effective cybersecurity and data protection compliance. There are no magic solutions. However, in many cases, cloud computing can help nonprofits achieve their cybersecurity and privacy goals in many ways:

  • Focusing resources. By allowing organizations to pay only for the computing resources they need, when they need them, cloud computing can save nonprofits money, enabling them to invest more of their time and resources on their core missions.
  • Simplifying governance. Because applications and services are hosted in datacenters that are operated and maintained by the cloud service provider, cloud computing reduces the burden on nonprofits to install, maintain, and update hardware and software.
  • Cloud security. Perhaps most significantly, the cloud also delivers an immediate step change in security for nonprofit, without a large upfront investment. This is valuable for both cybersecurity and data protection compliance.

Learn more. We recommend that you check out these 4 Key Areas of Intelligent Security for Nonprofits.

Related Readings: 
Why Nonprofits must Modernize their IT: a case for digital transformation
Phishing: a company’s guide

Contact Us

Designing, implementing and supporting Modern Workplace technology is what FSi Strategies specializes in. We’ve helped hundreds of nonprofits implement modern security strategies in support of their missions. We invite you to discover how together, we can leverage the intelligent Cloud for the security and privacy needs of your nonprofit.