According to the Office for National Statistics, there were an estimated 5.1 million cyber-crimes and frauds in the UK in 2014 and 2.5 million offences under the Computer Misuse Act, including hacking and malware. With over 24 million donors online and charities being no stranger to the digital era, it is important to take extensive measures to keep both parties protected.
The growth in cyber-risk has increase immensely. Research shows that cyber criminals often target groups and sectors that are compassionate and unlikely to have sophisticated technological defences in place. However, cyber-crimes can also be accidental and occur purely because of ignorance of the law, making charities particularly susceptible to cyber-risks, such as:
- Data Loss: Donor data is fundamental to any charity. With many charities and organisations storing data on portable devices, the risk of loss or data corruption is extremely common. Data loss can be accidental and result to private and confidential information being sent out.
- System Glitches: All technology has a lifeline. Physical systems can have a sudden malfunction or internal systems can fail, which can be of huge detriment to any charity that relies heavily on the use of computers and devices. Although usually a technical fault system glitches can occur due to out of date software.
- Malicious and Criminal Attacks: The internet has bought along an influx of hackers penetrating organisation’s records daily. Malware, such as, Trojan horses, spyware and phishing, make it easy for hackers to gain access to confidential charity information, financial data, and donor records. Online attacks also make it easier for cyber extortion and theft.
With charities regularly collecting donor information online, it is extremely important to stay protected. With countless laws surrounding online privacy and data protection, charities need to ensure that they are as careful as possible, especially online. There are a range of measures that can be taken to ensure that both charity and donor information remain protected.
Data Loss Prevention
All charities should have controls, which prevent data from being lost. Data loss prevention reduces the chances of confidential and important information from being lost or sent around. A way to stay protected from data loss is by using software such as Symantec which are cloud based and allow for protection on all high risk information. Using the cloud based software for your data means that if you do lose information you will always have a secure backup online. If you do however experience data loss, it is always important to notify those whose data has been compromised. If the case is serious and a large number of clients’ data has been compromised, the Information Commissioners Office (ICO) should be made aware.
Backing up data using firewalls, encrypting data and using up-to-date software is necessary to ensure that you are protected from malware and fraudulent activity.
Upgrades and Testing
Out of date software makes all software more vulnerable to online hacking, viruses and attacks. Ensuring that your software is regularly updated reduces the chance of charities being exposed to cyber risks. Furthermore, regularly carrying out tests on your software will assure that you are always safe when using computers and devices.
Using technology to tackle technology should not be the only measure your charity adopts. It is important that you plan ahead for effective prevention. Ensuring that you have an effective risk procedure should be made mandatory for all types of risks that your charity could be exposed to. Regularly testing for potential risks and keeping up to date with potential threats reduces the risk of attacks. Training employees is also a great way to reduce the chances of cyber-attacks and data loss. Ensuring that all employees understand risk procedures and the effects of data loss reduces the chances of risks significantly.
For further advice on protecting your charity information, please contact Suda Ratnam.