Cybercrimes are on the rise, and nonprofits aren’t immune to attack. Overall, cybercrime is expected to grow by 15% over the next year, with experts predicting the cost to businesses will exceed $6 trillion by 2021. Few nonprofits have adequate security policies in place, let alone the resources to address the damages from hacking or other cyber-attacks.
Criminals are getting more sophisticated, too, in how they hack into systems. Cybercrimes aren’t limited to computer-based theft. Software is now being used to mimic executive’s voices so criminals can fool assistants into divulging email passwords over the phone.
With so many tricks up the criminals’ sleeves, how can a nonprofit protect itself? Fortunately, we have five tips your organization can use to greatly improve its defenses. And, although no defense against cyberattacks is foolproof, criminals are more likely to go elsewhere if they experience resistance. Just like a sturdy door with a good lock prevents a robber from breaking in, so too will these defenses protect your systems.
5 Tips for Nonprofits to Improve Cybersecurity
- Increase cybersecurity awareness training
- Improve passwords
- Add two-factor authentication
- Update antivirus protection
- Switch to cloud software
1. Increase training and awareness: You can’t prevent crimes if you don’t recognize them when they are taking place. Cybersecurity training and awareness is a critical step to helping you prevent cybercrimes from affecting your nonprofit organization.
Criminals change their tactics all the time. As we mentioned at the start of this article, some are now using voice software to mimic an executive so they can trick unsuspecting employees into divulging sensitive information. This is just one example of a new tactic, but if more people were aware of it, it would become less effective.
To improve awareness and training, assign someone in your organization the responsibility of getting up to speed on the various possible cyberattacks. Then, organize different training opportunities. Lunch and learns, recorded trainings that employees can complete on their own, even demonstrations are all powerful ways in which to show the many possible types of cybercrime affecting nonprofits and how to spot potential activities.
2. Improve passwords: Passwords continue to be a point of entry for many cybercrimes. Many passwords are weak and easy to guess. Brute force attacks that can crack passwords are all too common. In a brute force attack, computers are used to generate thousands of random passwords per minute, and eventually many succeed because so many passwords are easy to guess.
Make your passwords as strong as they can be. Experts recommend that passwords be at least 10 characters long, contain upper- and lower-case letters, and at least one number, and at least one character. A unique password should be used for every account.
Consider having your IT experts force employees to change their passwords frequently. Many companies have enacted this to improve cybersecurity. While you may hear a lot of complaints, in the end, it will improve your cyber defenses.
3. Add multi-factor authentication: You’re probably familiar with this technology already—banks and credit card companies use it as an added layer of security. After inputting a password, a text message may be sent to the account owner’s smartphone with a code that must be entered into the site. Other two-factor methods include automated calls with codes, additional emails, and so on.
Multi-factor authentication improves security by adding another layer of protection between someone wishing to access a system and the system itself. Even if the password is cracked, two-factor authentication may stop entry into the account by insisting on verification.
4. Update anti-virus protection: If you’re still running the same antivirus software that came with your computer, it’s time for an update. Antivirus software must be updated frequently to keep up with the new and emerging threats.
Make sure that when your software prompts you to download an update, you do so. It is also important to keep all your software (not just your antivirus software) updated.
5. Switch to cloud-based software: By now you’ve probably heard all about cloud computing and cloud-based software. Cloud software enables your team to log on from any internet-connected device to your company’s systems. Most cloud hosts have additional security measures and protection in place, more so than your organization can add on its own. They also back up systems so if anything should happen to your data, it can be restored without much of an interruption.
Moving from site-based software to the cloud may be easier than you thought. Speak with a software consultant well-versed in nonprofits and your organization’s unique accounting needs before choosing a cloud provider to ensure the transition goes smoothly.
Cybercrime may be a constant threat, but there’s much you can do to prevent it. These tips, along with the right technology, can go a long way to protecting your organization.
Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.