When you think of cybersecurity, chances are you think of big, widely publicized hacks that left parts of the government or certain private companies vulnerable due to data theft or hurt sales. Target's 2013 data breach and last year's Home Depot cybersecurity failure left shoppers' payment information at risk. More recently, the U.S. Office of Personnel Management experienced a hack that compromised 22 million individuals' confidential personal information, and we have yet to see the full impact of that security breach.
You probably remember these events – they were all widely publicized, after all. You may not be considering them a warning, but you should be. Every organization – large or small, for profit or nonprofit – needs to take cybersecurity seriously, particularly if you don't want anyone accessing the confidential data stored in your donor management software. A nonexistent security policy not only puts your donors' and members' information at risk, it also could lead them to lose trust in your leadership should a hack occur.
"In 2014, half of small organizations reported experiencing a data breach."
Don't be misled believing only your larger counterparts are at risk for a data breach. Smaller operations are prime targets for hackers, often because they don't have the resources to put strong cybersecurity safeguards in place or lack an understanding of how big a threat a hack can be. The number of smaller enterprises impacted by cybersecurity issues just keeps growing: While the National Small Business Association found 44 percent of small businesses had experienced a breach in 2013, that number rose to 50 percent the next year.
NetAction, an organization aims to make the public, corporate leaders and politicians aware of tech-based issues, released a checklist every nonprofit should review to ensure its cybersecurity is up to speed:
- Do your work habits promote security?
- Can data be restored in the event of a computer crash?
- Are you protected from viruses?
- Is your computer safe from hackers?
- Have you protected your mailing lists from spammers?
- Are confidential files under wraps?
- Do you have a plan in place in case the worst happens?
If the answer to any of these inquiries leads you to question your own cybersecurity policies, it's time for an overhaul. Working with an experienced professional who's well-versed in nonprofit data security can help you ensure the valuable information gathered by your donor software stays out of a hacker's hands.