Cybersecurity for Non-Profits: Staying Safe During the Holiday Season
The season of giving is here! And we hope you’re looking forward to a big boost in donations and support for your non profit as a result. We understand it’s been a tough couple of years for non-profits and we want to help the Holiday season go as smooth as possible for you.
The sad truth is that despite the festive cheer, feel-good films and Christmas carols, it’s also a time where we often see an increase in cyber threats, and non-profits can be attractive targets due to their valuable donor data and potentially limited security resources. Here's how to help keep your organisation safe during Christmas and New Year:
1. Be Wary of Seasonal Phishing Scams
Cybercriminals often exploit the holiday spirit with targeted phishing campaigns. Be extra cautious of:
Emails purporting to be from charitable organisations like yours seeking urgent donations
Copycats claiming to be your non-profit asking others for donations
Requests for personal information or financial details, even if they appear to come from known contacts
2. Secure Remote Access
With staff potentially working remotely during the holidays:
Ensure all remote connections are made through a secure VPN
Implement multi-factor authentication for all remote logins
Provide clear guidelines on secure remote working practices
3. Spend a Little Time Boosting Essential Security
Before the holiday rush and to set you up for next year:
Ensure all systems, software, and security tools are up-to-date
Run a comprehensive security scan on all devices
Refresh your passwords effectively if you think it might be time
4. Protect Donor Information
The holiday season often sees an increase in donations. Protect this sensitive data by:
Encrypting all donor information, both in transit and at rest
Regularly backing up donor databases to a secure location
Limiting access to donor information on a need-to-know basis, and correctly disposing of information of past donors you no longer need
5. Prepare for Increased Online Activity
If your non-profit runs online fundraising campaigns during the holidays:
Ensure your website can handle increased traffic without compromising security. Check who has the login credentials and make changes so that only those necessary can access it.
Ensure you have secure, reputable payment gateways ready for online donations
Monitor your website closely for any signs of suspicious activity
6. Have an Incident Response Plan
Despite best efforts, breaches can still occur. Be prepared by:
Developing a clear incident response plan. It can be basic for now, but a good outline for what to do should your website go down or you suffer a breach so you’re not caught on the back foot can massively reduce chaos should trouble occur
This might include ensuring key staff know their roles in case of a security breach, even during holiday hours
Having contact information readily available for IT support, legal counsel, and relevant authorities
7. Educate Your Team and Volunteers
Your people are your first line of defense:
Provide a refresher training on cybersecurity best practices before the holiday season
Create clear guidelines for handling sensitive information during busy periods
Encourage a culture of security awareness among all staff and volunteers
Remember, cybersecurity is an ongoing process. By implementing these measures, your non-profit can enjoy a safer, more secure holiday season, allowing you to focus on your mission and the communities you serve. Perhaps it can also be a priority for your non-profit’s goals next year?
Stay vigilant, stay secure, and have a wonderful holiday season!