Wednesday, September 14, 2011

The Hackers Are Coming: What Steps to Take NOW To Ensure Cybersecurity of Your Non-Profit

This is an area I've been thinking about a lot lately. Organizations and individuals at all levels are vulnerable to hacking. There is a major initiative in this country to counter "cyber terrorism" and cyber security is the hottest topic in board rooms and war rooms. What is scary is that many nonprofit organizations have limited ability and resources to combat security breaches. And as more nonprofits move to online donations, online membership registrations and sales, personal information becomes more accessible to those who would exploit it. Joseph Steinberg points out that nonprofits must be concerned with cybersecurity and should take up this issue as soon as possible. Bunnie

The Hackers Are Coming: What Steps to Take NOW To Ensure Cybersecurity of Your Non-Profit
By Joseph Steinberg, CISSP, ISSAP, ISSMP, CSSLP

Non-profits, like most modern organizations, handle significant amounts of sensitive information – which often resides in electronic form on Internet-connected computers and networks. Donor details, information about programs run and people receiving aid, employee and payroll records, and many other forms of data are all of significant value to criminals.

Hackers know that non-profits often don’t have the resources to invest in expensive security systems, and that computer systems in use may be several years old and designed before non-profits were being targeted with digital attacks. Cyber-thieves understand, therefore, that such systems often contain vulnerabilities and lack cyber-defenses, making them easier to hack than many systems in the commercial sector.

The consequences of compromised security may not be small. Bad press, the breach of confidentiality and embarrassment emanating from the leakage of data about people being helped by the non-profit, fines from credit card companies for failure to conform to security requirements, or donors suffering the anguish of identity theft and blaming an organization’s negligence can be catastrophic.

Some cases have made the media. When the Columbia Triathlon Association website was hacked, for example, cybercriminals successfully pilfered information about over 8,000 members – including a password database in encrypted form.

So what can a non-profit do to ensure that it remains cyber-secure? While a single article is not sufficient to cover all the aspects of cybersecurity in a non-profit setting, here are several high-level pointers…
 
First and foremost, commit to actively ensuring cybersecurity. The cost – in terms of time, money, and aggravation – will likely be far less if a proactive approach is taken.

Create proper policies governing who has access to which resources, and implement rules and technology to enforce these policies. Access to systems and information should always be on a “need to know” basis. Systems should be used for only their intended purposes and not for others, such as reading email or accessing Facebook. Ensure that every user has her own credentials and that all systems require a login with a password that is not easily guessable or found in the dictionary.

If wireless (or wired) Internet is provided for guests within a facility, implement it on its own separate network – isolated from any non-profit systems and networks. Visitors have no need to access any internal systems.

Don’t let them.

Branch office managers should ensure that they conform to all security policies of the parent organization and should also implement security to ensure that a breach at another branch, or at the main office, does not propagate to their location.

Ensure compliance with all credit card security rules, and, unless truly necessary, do not store credit card data after processing transactions. Never store credit card security codes or debit card PIN numbers.

Store all sensitive data – including donor information, employee data, documents related to programs being run and beneficiaries from any charity, etc. – in encrypted formats. When in doubt, encrypt.

Select and implement security technology to meet functional and security requirements – and ensure that all technology is kept up to date. Keep in mind that all major recent cybersecurity breaches have occurred to organizations running firewalls, anti-virus software, and other security products, and so…

Perhaps most importantly, leverage the services of a skilled cybersecurity professional to properly design your cybersecurity plan. Remember, cybercriminals have technical expertise. Shouldn’t you have it to defend your organization?

Joseph Steinberg (CISSP, ISSAP, ISSMP, CSSLP) is a respected cybersecurity expert and the C.E.O. of Green Armor Solutions, a leading provider of information security software. An industry veteran with 20 years of experience, Joseph is often sought after by organizations ranging from global corporations to small businesses to assist them with their digital security needs. He is the inventor of several cybersecurity technologies, the author of a book and many articles on cybersecurity-related matters, and a frequent lecturer on topics related to cybersecurity, technology, and business. For more information, or to contact him, please visit www.JosephSteinberg.com

11 comments:

  1. Hello there! I will be looking forward to visit your page again and for your other posts as well. Thank you for sharing your thoughts about non profit fundraiser in your area. I'm glad to stop by your site and know more about non profit fundraiser. This is a good read.
    Fundraising professionals, who have been employed with not-for-profit organizations as fundraisers or as fundraising consultants, for at least sixty (60) months, can become certified as a Certified Fund Raising Executive (CFRE). The CFRE credential is administered by CFRE International, an independent 501(c)6 whose sole mission is dedicated to setting standards in philanthropy through a valid and reliable certification process.
    Shop for amazing savings. Support causes that make a difference.

  2. Perhaps most important, the use of the services of a skilled network security professional correct design your network security plan. Please remember, network criminals have technical expertise. You shouldn't have put it to protect your organization?
  3. Hi there! great stuff here, I'm glad that I drop by your page and found this very interesting. Thanks for sharing your thoughts about non profit fundraiser, hoping to read something like this in the future!

  4. You have posted very good information. I want to share a link with viewers here which I found on the web. Its about the website that some very special offer for you. So, you can this special information at goodneighbors.org/space

  6. It's sad that these hackers target NPO's! Prevention is always the best option when it comes to cyber-security but most of the time, the system gets penetrated without having preventative methods in place. Thanks for sharing!

    Fred H | www.amazingsupport.co.uk

  8. HJ Foundation is a charitable trust run by Mr. Harish Jagtani . And one of the renowned non-profit organizations in South Africa

  9. Harish Jagtani Foundation is South Africa’s local top non-profit organization is where you can help for others

  10. HJ Foundation is South Africa’s local top non-profit organization is where you can help for others
