National Council of Nonprofits - Cybersecurity for Nonprofits

From GCA ACT
Revision as of 14:40, 25 October 2023 by Globalcyberalliance (talk | contribs) (Created via script)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Description


This resource, titled "Cybersecurity for Nonprofits," provides guidance for nonprofit organizations on addressing cybersecurity risks. It highlights three key activities that indicate the need for increased cybersecurity measures: conducting e-commerce on the organization's website, storing and transferring personally identifiable information (PII), and using cloud services. For nonprofits that engage in e-commerce, such as processing donations or event registrations, the resource emphasizes the importance of implementing robust security measures to protect sensitive financial information. It encourages organizations to adopt secure payment gateways and regularly update their website's security protocols. Furthermore, the resource emphasizes the need for nonprofits to safeguard PII, including donor information and employee records. It highlights the potential risks associated with storing and transferring such data, particularly when utilizing cloud services. The resource suggests implementing encryption and access controls to protect PII from unauthorized access or data breaches. While the article does not provide specific solutions or tools, it serves as a starting point for nonprofits to recognize the importance of cybersecurity and take appropriate steps to mitigate risks. By raising awareness about the potential vulnerabilities associated with e-commerce and PII storage, the resource aims to empower nonprofits to make informed decisions and prioritize cybersecurity within their organizations. In conclusion, this resource offers valuable insights for nonprofits regarding cybersecurity risks and provides a framework for identifying areas that require increased attention. By addressing these risks, nonprofits can enhance their data security practices and protect the sensitive information entrusted to them.

More Information


https://www.councilofnonprofits.org/running-nonprofit/administration-and-financial-management/cybersecurity-nonprofits

Description


This resource provides guidance on document retention policies for nonprofits. It emphasizes the importance of having a document management policy in place to ensure efficient organization and avoid potential legal issues. The resource highlights that it is impractical for nonprofits to retain every document they generate and encourages the adoption of a written policy to determine which documents should be retained and for how long. The resource acknowledges that casually discarding papers is acceptable in most cases, but emphasizes the potential consequences when critical documents are deleted or appear to have been intentionally removed as a cover-up during legal investigations. By implementing a document retention policy, nonprofits can mitigate these risks and maintain transparency. While the resource does not provide specific details on how to create a document retention policy, it serves as a reminder of the importance of having one in place. It highlights the need for nonprofits to carefully consider which documents should be retained and for what duration, taking into account legal requirements and potential future needs. Overall, this resource aims to raise awareness about the significance of document retention policies for nonprofits, emphasizing the need for a written policy to ensure proper document management and minimize potential legal complications.

More Information


https://www.councilofnonprofits.org/running-nonprofit/governance-leadership/document-retention-policies-nonprofits

Description


This article, titled "New website security warnings raise the bar for nonprofits" by Rick Cohen, highlights the importance for nonprofits to ensure their websites meet the new security standards set by Google. The article emphasizes that failure to comply with these standards can hinder a nonprofit's ability to engage with the public, including potential clients and donors. In the past, nonprofits could assure donors of their website's security by pointing out the presence of a small "lock" icon in the address bar, indicating the use of secure protocols. However, Google's new standards require additional measures to be taken to demonstrate website security. The article does not provide specific details about the new security standards, but it emphasizes the significance of complying with them. By doing so, nonprofits can maintain trust and credibility with their audience, ensuring a safe and secure online experience for visitors. Overall, this article serves as a reminder to nonprofits about the importance of website security and the potential consequences of not meeting the new standards set by Google. It encourages nonprofits to take action and make the necessary changes to ensure their websites are secure, enabling them to effectively engage with the public and attract potential clients and donors.

More Information


https://www.councilofnonprofits.org/articles/new-website-security-warnings-raise-bar-nonprofits

Description


This resource provides guidance on protecting the future of a nonprofit's data and online presence. It emphasizes the importance of taking proactive steps to secure online activities, especially in light of recent data hacks. The resource suggests referring to the IRS guide and a separate guide for small businesses (which is also applicable to nonprofits) for best practices. The main recommendation is to circulate the advice from the IRS and discuss it with the nonprofit's paid staff, volunteers, and anyone else who uses the organization's computers. By doing so, the nonprofit can raise awareness about the potential risks and implement necessary measures to safeguard their data. While the specific details of the IRS guide and the small business guide are not provided, the resource highlights their relevance and encourages nonprofits to consult them for comprehensive guidance on protecting their data. Overall, this resource serves as a reminder for nonprofits to prioritize data security and offers a starting point for organizations to take action in safeguarding their online activities. By following the suggested steps and engaging in discussions about data protection, nonprofits can better protect their valuable information and ensure the continuity of their operations.

More Information


https://www.councilofnonprofits.org/articles/protect-future-your-nonprofits-data

Retrieved from ‘https://act.globalcyberalliance.org/index.php?title=National_Council_of_Nonprofits_-_Cybersecurity_for_Nonprofits&oldid=5100