According to Fintech News, cybersecurity attacks have increased 80% over the past year. If you think only big companies or for-profit companies have to worry about cybercrime, think again. Criminals often target nonprofit organizations because they know that many lack the internal IT resources to prevent an attack.
Don’t fall victim to a cybercriminal. Here’s what you need to know to stay protected.
Know the Risks, Upgrade Your Defenses
In order to protect against cyber-attacks, it’s important to know where the potential risks lie in your organization. Common ways in which criminals attack computer systems include:
- Unsecured WiFi: Your office WiFi may have strong password protection, but if you allow employees to telecommute, their systems may be open to attack. During the pandemic, many nonprofit organizations allowed their employees to work from home. Some employees have secure networks but not all do. An unsecured WiFi network or one with a weak password is ripe for the picking by cybercriminals who can easily grab valuable passwords and data.
- Phishing emails: Phishing emails are disguised to look like they come from a reputable company such as your bank or credit card company. However, when you click on the link, they direct you to a site that captures your login information.
- Phishing phone calls: A new angle on the phishing email is the phishing phone call. In this instance, a caller contacts an assistant, usually an executive or administrative assistant, claiming to be from a reputable company and asking for the CEO or another chief executives’ login information. Many assistants have such information handy, especially if they respond to emails or schedule meetings on behalf of an executive. If this sensitive information is given out, the thieves use it to access critical systems.
- Trojans, spyware, and malware: Trojans, spyware, and malware can infect a computer just by casually browsing an infected website or accidentally clicking an infected link. They can then be passed along unintendedly to other computers, enabling hackers to access systems or hold data for ransom.
- Failing to update software: Software patches, plugin updates on WordPress websites, and similar updates aren’t nuisances. Companies release them to patch known problems in the coding. Failing to update software is like leaving the key under the doormat and hoping a burglar won’t think to look there.
Even if your organization is small, you can still take steps to prevent an attack from any of these areas.
5 Ways to Protect Your Organization’s Data
You don’t need an army of cybersecurity experts to protect your organization’s system. Most nonprofits can take the following steps on their own to greatly lower their risk of cybersecurity issues.
- Upgrade security software: Invest in better security software and take the time to update it when prompted by the manufacturer.
- Upgrade hardware and software: Older computers and software are more easily hacked than newer products. Set aside budget for updates to your hardware and software each year.
- Avoid donated hardware: Although donated computers may be a nice gift, unless you know the donor and can have a security expert wipe them clean, avoid using donated equipment.
- Use strong passwords: Insist that all employees use strong passwords, and make sure everyone changes their passwords monthly. Strong passwords typically consist of random arrangements of lowercase and capital letters, numbers, and symbols.
- Train your employees: Many cybercrimes occur due to employee mistakes, such as using weak passwords or falling for a phishing scam. Teach your team what to look for to spot phishing emails; misspelled words, blurry logos, company URLs that don’t look quite right. When in doubt, close the email and open up a separate browser to log in and check for messages. Training is often enough to prevent many cybercrimes.
Nonprofit organizations have fewer resources to combat cybercrimes. But that doesn’t mean they can’t take steps to prevent crime. Just as even the poorest homes have locks on the doors to keep thieves out, you can put virtual “locks” on your data.
Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.