Keeping your charity cyber safe

Sunday, 6 July 2014 - 9:56am

There have been several high profile cyber-attacks in the media recently and it is suddenly on the radar of small organisations, especially if they store sensitive data. Are you doing all you can to minimise the risk?

Photograph: Yuri Samoilov (Flickr)

Domino’s Pizza were recently held to ransom after a hacker stole customer addresses, phone numbers, passwords and even favourite pizza toppings from their servers! 

Whilst many more people are aware of the growing risks, recent surveys conducted by Symantec and other cyber security companies suggest many smaller organisations are still operating under a false sense of security.

It is easy to think of the large corporations and government bodies being the ones at risk from cyber-attacks. However, as large companies continue to get serious about data security, other organisations are becoming increasingly attractive targets. The vast majority of charities probably don’t have a formal internet security policy for employees; around half will only have rudimentary cyber security measures in place; and around 40% will not have their data backed up in more than one location.

If an unauthorised outsider was to gain access to your server and take sensitive data on your clientele, crash your systems or take bank details, there would be a significant impact on your operations and your reputation.

There is a common misconception that improving online security is an expensive process. In fact, there are some simple and economic steps you can take to reduce your risk of falling victim to a cyber-attack:

  1. Train employees in cyber security principles
  2. Install, use and regularly update anti-virus and anti-spyware software on every computer used in your business.
  3. Use a firewall for your internet connection
  4. Download and install software updates for your operating systems and applications as they become available
  5. Make backup copies of important business data and information
  6. Control physical access to your computers and network components
  7. Secure your Wi-Fi networks. If you have a Wi-Fi network for your charity, make sure it is secure and hidden
  8. Require individual user accounts for each employee
  9. Limit employee access to data and information and limit authority to install software
  10. Regularly change passwords
  11. Consider using an encryption programme to keep computer drives, files and even email messages safe from hackers.

Another key point is to remind your employees to be wary of online scams. As the world’s football fans are engulfed by World Cup fever this summer, online scammers are hoping to capitalise on the sporting event’s widespread popularity by sending a spate of bogus Fédération Internationale de Football Association (FIFA) emails designed to con the recipients out of their money and personal information, or gain access to their computers. If employees fall for these sham emails, they risk infecting your charity’s computer network by inadvertently granting hackers unauthorised access.

As a general rule, caution your employees to be vigilant when receiving any unsolicited or unexpected emails, and exercise extreme caution when clicking on links in suspicious emails. Online scams are increasingly sophisticated and it can be difficult to separate the real from the fake, so urge your employees to follow the age-old adage that if something seems too good to be true, it probably is.

For most charities, cyber security should be simple. It is merely a case of putting in place some simple rules and procedures. All of our clients have access to a whole library of resources including policies which you can easily implement, not only for cyber protection but to comprehensively cover all your main risks. As part of our commitment to the homelessness sector we are also providing these resources for a member discounted rate of £99 which is fully refundable on buying your insurance policy through Access Insurance.

Access is the independent insurance specialist for the third sector and is sponsoring Under One Roof, Homeless Link’s annual housing and support conference and exhibition 8 and 9 July 2014. Click here to explore the conference programme and book your place.  

Talk To Us

Tim Wiltshire

Senior Insurance Broker, Access Insurance

Tim is a senior insurance broker for for Access Insurance, the independent insurance specialist for the third sector. 

Related articles