Nonprofits have to acquire data if they are going to use it, and that means storing that data. In this age of hacking, cyber-theft and all the rest, it is important for organizations to protect themselves from attacks on that date.
Dan Luttrell of the Alliance of Nonprofits for Insurance (ANI) and Ann Shanklin of the Nonprofits Insurance Alliance of California (NIAC) advise that protection against breaches can be accomplished by following a few tips. They suggest:
Don’t retain too much data. Only keep sensitive information needed for legitimate business purposes.
Think about where sensitive information might be hiding.
Implement a mobile device management program.
Regularly review the organization’s access controls.
Use strong, complex passwords, and don’t share them with others.
Do not leave a password or user name written down in view of clients or co-workers.
Avoid clicking links that people send. Use a search engine to find the proper legitimate link or type in the address manually.
Discard solicitation emails, even if forwarded from a trusted friend.
Do not download files or open attachments in emails from unknown senders.
Anything that sounds too good to be true probably is exactly that.
Beware of any email, text or phone call asking for personal information, including passwords.
If email grammar is very poor, or is not properly translated, that probably means something is wrong.
Enter sensitive log-in data such as passwords only on “safe” sites.
Protect each computer with a firewall, spam filters and anti-virus and anti-spyware software.
If in doubt, don’t take a chance.