Following recent security incidents at a number of non-profit organizations, we feel it is critical to raise awareness and provide recommendations about what can be done to help reduce the risk. We see that malicious emails are often used to trick users and steal passwords or program funds. Legal Services Corporation (LSC) recently posted a fraud advisory about these types of attacks.

Why would anyone want to target your non-profit organization? The reality is that automated hacking tools make it easy and quite lucrative for hackers to target organizations of all sizes. Worse, smaller organizations present the easiest targets because they often lack the resources to implement security protections. Non-profit funding challenges also make it difficult to spend more on security related solutions or training. However, it’s important to know that there are things that can be done to help reduce the risk that are less expensive than dealing with the fallout from a security incident.

Based on our experience, here are the top priority items every organization must do to help reduce security incidents:

1. Multi-factor authentication (MFA): Think of MFA like locking your front door. This is the single most cost-effective security protection that every organization must have. Even if a hacker steals your password, MFA can still keep them out.
2. Malicious email blocking tools detect suspicious emails and help prevent users from being compromised. They can’t click what they don’t see.
3. Security awareness training: People are the last line of defense. Security awareness training helps staff, volunteers and interns identify and avoid potential threats.

Once these security basics are covered, consider doing a security audit to identify other potential security problems. Hackers are continually changing their tactics and regular security audits identify ways to get your organization on a firmer security footing as attacks evolve.

Just-Tech has the skills, experience and partnerships to help you implement these important security measures. We work with many non-profits and we’ve seen the headaches and the costs associated with remediating security incidents. Contact us to learn more about how these recommendations can start improving security at your organization.