Cybersecurity for Non-Profits: Staying Safe During the Holiday Season

group of people arm in arm

The season of giving is here! And we hope you’re looking forward to a big boost in donations and support for your non profit as a result. We understand it’s been a tough couple of years for non-profits and we want to help the Holiday season go as smooth as possible for you.

The sad truth is that despite the festive cheer, feel-good films and Christmas carols, it’s also a time where we often see an increase in cyber threats, and non-profits can be attractive targets due to their valuable donor data and potentially limited security resources. Here's how to help keep your organisation safe during Christmas and New Year:

1. Be Wary of Seasonal Phishing Scams

Cybercriminals often exploit the holiday spirit with targeted phishing campaigns. Be extra cautious of:

  • Emails purporting to be from charitable organisations like yours seeking urgent donations

  • Copycats claiming to be your non-profit asking others for donations

  • Requests for personal information or financial details, even if they appear to come from known contacts

2. Secure Remote Access

With staff potentially working remotely during the holidays:

  • Ensure all remote connections are made through a secure VPN

  • Implement multi-factor authentication for all remote logins

  • Provide clear guidelines on secure remote working practices

3. Spend a Little Time Boosting Essential Security

Before the holiday rush and to set you up for next year:

  • Ensure all systems, software, and security tools are up-to-date

  • Run a comprehensive security scan on all devices

  • Refresh your passwords effectively if you think it might be time

4. Protect Donor Information

The holiday season often sees an increase in donations. Protect this sensitive data by:

  • Encrypting all donor information, both in transit and at rest

  • Regularly backing up donor databases to a secure location

  • Limiting access to donor information on a need-to-know basis, and correctly disposing of information of past donors you no longer need

5. Prepare for Increased Online Activity

If your non-profit runs online fundraising campaigns during the holidays:

  • Ensure your website can handle increased traffic without compromising security. Check who has the login credentials and make changes so that only those necessary can access it.

  • Ensure you have secure, reputable payment gateways ready for online donations

  • Monitor your website closely for any signs of suspicious activity

6. Have an Incident Response Plan

Despite best efforts, breaches can still occur. Be prepared by:

  • Developing a clear incident response plan. It can be basic for now, but a good outline for what to do should your website go down or you suffer a breach so you’re not caught on the back foot can massively reduce chaos should trouble occur

  • This might include ensuring key staff know their roles in case of a security breach, even during holiday hours

  • Having contact information readily available for IT support, legal counsel, and relevant authorities

7. Educate Your Team and Volunteers

Your people are your first line of defense:

  • Provide a refresher training on cybersecurity best practices before the holiday season

  • Create clear guidelines for handling sensitive information during busy periods

  • Encourage a culture of security awareness among all staff and volunteers

Remember, cybersecurity is an ongoing process. By implementing these measures, your non-profit can enjoy a safer, more secure holiday season, allowing you to focus on your mission and the communities you serve. Perhaps it can also be a priority for your non-profit’s goals next year?

Stay vigilant, stay secure, and have a wonderful holiday season!

Previous
Previous

Has My Phone Been Hacked? Signs, Symptoms, and What to Do

Next
Next

Cybersecurity for Medical Practices: Protecting Patient Data