Wednesday, September 14, 2011

The Hackers Are Coming: What Steps to Take NOW To Ensure Cybersecurity of Your Non-Profit

This is an area I've been thinking about a lot lately.  Organizations and individuals at all levels are vunerable to hacking.  There is a major initiative in this country to counter "cyber terrorism" and cyber security is the hottest topic in board rooms and war rooms.  What is scarey is that many nonprofit organizations have limited ability and resources to combat security breaches.  And as more nonprofits move to online donations, online membership registrations and sales, personal information becomes more accessible to those who would exploit it.  Joseph Steinberg points out that nonprofits must be concerned with cybersecurity and should take up this issue as soon as possible.  Bunnie

The Hackers Are Coming: What Steps to Take NOW To Ensure Cybersecurity of Your Non-Profit
By Joseph Steinberg, CISSP, ISSAP, ISSMP, CSSLP

Non-profits, like most modern organizations, handle significant amounts of sensitive information – which often residesin electronic form on Internet-connected computers and networks. Donor details, information about programs run and people receiving aid, employee and payroll records, and many other forms of data are all of significant value to criminals. 

Hackers know that non-profits often don’t have the resources to invest in expensive security systems, and that computer systems in use may be several years old and designed before non-profits were being targeted with digital attacks. Cyber-thieves understand, therefore, that such systems often contain vulnerabilities and lack cyber-defenses, making them easier to hack than many systems in the commercial sector.

The consequences of compromised security may not be small. Bad press, the breach of confidentiality and embarrassment emanating from the leakage of data about people being helped by the non-profit, fines from credit card companies for failure to confirm to security requirements, or donors suffering the anguish of identity theft and blaming anorganization’s negligencecan be catastrophic.

Some cases have made the media. When the Columbia Triathlon Association website was hacked, for example, cybercriminals successfully pilfered information about over 8,000 members – including a password database in encrypted form.

So what can a non-profit do to ensure that it remains cyber-secure? While a single article is not sufficient to cover all the aspects of cybersecurity in a non-profit setting, here are several high-level pointers…
 
First and foremost, commit to actively ensuring cybersecurity. The cost – in terms of time, money, and aggravation – will likely be far less if a proactive approach is taken.

Create proper policies governing who has access to which resources, and implement rules and technology to enforce these policies. Access to systems and information should always be on a “need to know” basis. Systems should be used for only their intended purposes and not for others, such as reading email or accessing Facebook. Ensure that every user has her own credentials and that all systems require a login with a password that is not easily guessable or found in the dictionary.

If wireless (or wired) Internet is provided for guests within a facility, implement it on its own separate network – isolated from any non-profit systems and networks.Visitors have no need to access any internal systems. 

Don’t let them.

Branch office managers should ensure that they conform to all security policies of the parent organization and should also implement security to ensure that a breach at another branch, or at the main office, does not prorogate to their location.

Ensure compliance with all credit card security rules, and, unless truly necessary, do not store credit card data after processing transactions.Never store credit card security codes or debit card PIN numbers.

Store all sensitive data – including donor information, employee data, documents related to programs being run and beneficiaries from any charity, etc. – in encrypted formats. When in doubt, encrypt.

Select and implement security technology to meet functional and security requirements– and ensure that all technology is kept up to date. Keep in mindthat all major recent cybersecurity breaches have occurred to organizations running firewalls, anti-virus software, and other security products, and so…

Perhaps most importantly, leverage the services of a skilled cybersecurity professional to properly design your cybersecurity plan.Remember, cybercriminals have technical expertise. Shouldn’t you have it to defend your organization?

Joseph Steinberg (CISSP, ISSAP, ISSMP, CSSLP) is a respected cybersecurity expert and the C.E.O. of Green Armor Solutions, a leading provider of information security software. An industry veteran with 20 years of experience, Joseph is often sought after by organizations ranging from global corporations to small businesses to assist them with their digital security needs. He is the inventor of several cybersecurity technologies, the author of a book and many articles on cybersecurity-related matters, and a frequent lecturer on topics related to cybersecurity, technology, and business. For more information, or to contact him, please visit www.JosephSteinberg.com

9 comments:

  1. Hello there! I will be looking forward to visit your page again and for your other posts as well. Thank you for sharing your thoughts about non profit fundraiser in your area. I'm glad to stop by your site and know more about non profit fundraiser. This is a good read.
    Fundraising professionals, who have been employed with not-for-profit organizations as fundraisers or as fundraising consultants, for at least sixty (60) months, can become certified as a Certified Fund Raising Executive (CFRE). The CFRE credential is administered by CFRE International, an independent 501(c)6 whose sole mission is dedicated to setting standards in philanthropy through a valid and reliable certification process.
    Shop for amazing savings. Support causes that make a difference.

    ReplyDelete
    Replies
    1. Saya IBU SALMAH ingin berbagi cerita kepada anda semua bahwa saya yg dulunya cuma seorang TKI di ARAB SAUDI jadi pembantu rumah tangga yg gajinya tidak mencukupi keluarga dikampun,jadi TKI itu sangat menderita dan disuatu hari saya duduk2 buka internet dan tidak disengaja saya melihat komentar orang tentan AKI SOLEH dan katanya bisa membantu orang untuk memberikan nomor yg betul betul tembus dan kebetulan juga saya sering pasan nomor di ARAB SAUD,akhirnya saya coba untuk menhubungi AKI SOLEH dan ALHAMDULILLAH beliau mau membantu saya untuk memberikan nomor,dan nomor yg diberikan AKI SOLEH meman betul2 terbukti tembus dan saya sangat bersyukur berkat bantuan AKI SOLEH kini saya bisa pulang ke INDONESIA untuk buka usaha sendiri,,munkin saya tidak bisa membalas budi baik AKI SOLEH sekali lagi makasih yaa AKI dan bagi teman2 yg menjadi TKW atau TKI seperti saya,bila butuh bantuan hubungi saja AKI SOLEH DI 082-313-336-747- insya ALLAH beliau akan membantu anda.Ini benar benar kisah nyata dari saya seorang TKI trimah kasih AKI wassalam.


      KLIK DISINI BOCORAN TOGEL HARI INI






























      Saya IBU SALMAH ingin berbagi cerita kepada anda semua bahwa saya yg dulunya cuma seorang TKI di ARAB SAUDI jadi pembantu rumah tangga yg gajinya tidak mencukupi keluarga dikampun,jadi TKI itu sangat menderita dan disuatu hari saya duduk2 buka internet dan tidak disengaja saya melihat komentar orang tentan AKI SOLEH dan katanya bisa membantu orang untuk memberikan nomor yg betul betul tembus dan kebetulan juga saya sering pasan nomor di ARAB SAUD,akhirnya saya coba untuk menhubungi AKI SOLEH dan ALHAMDULILLAH beliau mau membantu saya untuk memberikan nomor,dan nomor yg diberikan AKI SOLEH meman betul2 terbukti tembus dan saya sangat bersyukur berkat bantuan AKI SOLEH kini saya bisa pulang ke INDONESIA untuk buka usaha sendiri,,munkin saya tidak bisa membalas budi baik AKI SOLEH sekali lagi makasih yaa AKI dan bagi teman2 yg menjadi TKW atau TKI seperti saya,bila butuh bantuan hubungi saja AKI SOLEH DI 082-313-336-747- insya ALLAH beliau akan membantu anda.Ini benar benar kisah nyata dari saya seorang TKI trimah kasih AKI wassalam.


      KLIK DISINI BOCORAN TOGEL HARI INI















      Delete
    2. GRAB THIS LIFE CHANGING OPPORTUNITY TODAY
      Make a right and positive choice for this chance of opportunity for you today to be among the 10 lucky persons that the great Illuminati wants to admit and makes them wealthy, famous and rich in business, music, politically, socially and economically and also entitled to a sum of $1,000,000.00 (One Million United States Dollars) with a free home of their choice to live in the world. And $700,000 as monthly income and also been giving money to start up a business of their choice and a guaranteed long life. Interested persons should try their luck by applying through the email below so i can forward it ok.. Email: joseilluminati0@gmail.com OR Call/Text: +13603422391



      Delete
  2. Perhaps most important, the use of the services of a skilled network security professional correct design your network security plan. Please remember, network criminals have technical expertise. You shouldn't have put it to protect your organization?
    cheap mlb jerseys

    ReplyDelete
  3. You have posted very good information. I want to share a link with viewers here which I found on the web. Its about the website that some very special offer for you. So, you can this special information at goodneighbors.org/space

    ReplyDelete
  4. It's sad that these hackers target NPO's! Prevention is always the best option when it comes to cyber-security but most of the time, the system gets penetrated without having preventative methods in place. Thanks for sharing!

    Fred H | www.amazingsupport.co.uk

    ReplyDelete
  5. HJ Foundation is South Africa’s local top non-profit organization is where you can help for others

    ReplyDelete

  6. I did everything to get my boyfriend back but nothing worked. I contacted a relationship doctor i saw online. I told the relationship doctor everything, He promised to fix my relationship problem. I am the happiest lady on earth right now, is never too late to fix your broken heart. You can still get your lover back... Fix broken relationship/marriage... My relationship was restored as promised, My Ex-boyfriend came back and promised never to leave me again.. Everything happened just in 3 days.. I was also cured from herpes with his herbal remedy.. I recommend you contact Robinsonbuckler11@gmail.com…………………………………

    ReplyDelete