Cybersecurity Basics Your Nonprofit Needs to Know

Originally published by TechSoup at https://blog.techsoup.org on December 29, 2020.

Cyberattacks against small and midsize organizations have increased from 11 percent to 15 percent in 2020, according to an Avast survey (PDF). Nonprofits are no exception to this alarming trend, which results in lost productivity, damaged reputations, and serious financial implications. Whether you work in IT or are a nontechnical concerned stakeholder, cyber readiness is must-have for any nonprofit. The personal information of people you serve is at stake, in addition to your bottom line, including your donor dataset and your financial and accounting records.

Ensuring that your organization is protected against new threats and old is no easy feat, especially for small organizations. That’s why TechSoup has partnered with Avast to help nonprofits like yours guard against online threats of all scales.

Read on for highlights from our recent webinar, Cyberattacks on the Rise: Is Your Nonprofit Prepared?

Today, there is a huge spectrum of attack vectors ranging from malware and ransomware to compromised credentials and phishing attacks. Some hackers target weaknesses in your security, and others target weaknesses in people that have access to your network. These vulnerabilities can include your work and personal networks and email accounts. Criminals can also target individual apps, devices, and data storage units.

With millions of employees working remotely, home offices are also a target. To protect your organization from these attacks, you shouldn’t only rely on a single form of traditional protection. It’s crucial to have a multilayered cybersecurity approach, which means that if an attack gets past one solution, the other layers will be able to stop it.

Here are some actions you can take right now to ensure full end-to-end security for your servers, workstations, and devices:

Don’t Skimp on the Antivirus Software

Malware is malicious software that is used to disrupt your business services or perhaps gain access to your critical personal information. Traditionally, malware was delivered en masse, but it is now being deployed in a more targeted approach called phishing. These attackers use information gained from publicly available sources, such as social media, business directories, and personal websites to scam and coerce nonprofits.

Unfortunately, one click is all it takes to give a hacker access to sensitive data, or even information on persons within your organization. While there’s plenty of antivirus software you can download for free, cheapest definitely does not equal better when it comes to protecting your data. Choose a reliable antivirus software from a credible company to proactively monitor security threats and be alerted when your systems are compromised.

Automate Software Updates

Missing one security update is all it takes to wreak major havoc on your organization. But with limited funding and personnel, it’s easy to see how these software updates to protect your devices and network connections can fall through the cracks.

An automated software updater and Avast’s CloudCare Patch Management tool can help. This will allow you to roll out vital updates and roll back compromised versions as needed. You can also run regular reports to make sure that all personnel are playing their role in keeping the organization secure.

Pair Tech with Training

“Multiple layers are a vital part of a comprehensive security strategy,” says Avast sales engineer Paul Fenwick, adding that “putting all your eggs in one basket (opting into just one function of cybersecurity) just isn’t going to cut it.” The same goes for ongoing staff education around cybersecurity.

Here are some tips to help your staff, volunteers, and other stakeholders stay protected:

  • Use a secure password manager. Add multi-factor authentication (MFA) for an extra layer of security.
  • Host workshops on preventing phishing attacks and social engineering schemes.
  • Establish a clear policy for safe Internet browsing habits. Consider using Avast’s CloudCare Secure Web Gateway and CloudCare Content Filtering to prevent illegal or harmful websites from being viewed during the workday.
  • Run regular reports and have procedures in place to ensure personnel compliance for vital network and device updates.

You’re Never Too Small to Get Hacked

Why is cybersecurity so vital even for small and midsized nonprofits? It’s simply too lucrative to pass up, with criminals reaping a whopping $6 trillion in the U.S. alone.

There are many ways that your nonprofit staff could unknowingly download malicious software or harmful files and even share critical information. What’s more, there may be only one person in your organization managing IT — and they could be easily overwhelmed by a large-scale attack.

TechSoup is proud to partner with Avast to equip nonprofits and libraries with best-in-class cybersecurity solutions. Check out Avast Business for Nonprofits at TechSoup today.

About Avast Business

Avast Business is the world’s leading cybersecurity solutions provider for nonprofits. Trusted by over 740,000 organizations worldwide, it is the most advanced and geographically dispersed threat intelligence network.

More than 128 million ransomware attacks and 500 million malicious websites were blocked by Avast Business last year. Every day, it delivers smarter data, deeper insights, and faster detecting without slowing down your devices.

Originally published at https://blog.techsoup.org on December 29, 2020.

60+ organizations with kindred missions working together to get critical tech know-how and resources to changemakers around the world. meet.techsoup.org