Nonprofit organizations and small businesses both handle significant amounts of sensitive information. With cybercriminals on the rise, nonprofits and businesses need to take extra precautions when it comes to securing their data. Cyber thieves target small businesses and nonprofits, knowing that they do not have the resources to invest in expensive security systems and often have older computer systems that make it easier to steal business-critical data.
So what can small businesses and nonprofits do to ensure that their data remains secure? The following tips will ensure that your data is secure from online predators:
1. Create a company-wide security policy. Create policies that specifically state who has access to which resources and be firm in implementing these policies. Access to systems and information should only be granted to people within the organization who need to know the information. Ensure that your systems are only being used for work-related activities. Make sure each user has his or her own credentials and that each system requires a unique password to login. Consider including prohibitions against accessing Facebook, personal email and social networking sites.
2. Store important data in encrypted formats. Donor information, customer details, employee information, financial data and other important documents should be stored in an encrypted format.
3. Run security software on all PCs. This includes antivirus software, firewalls, and antispyware protection. While this may seem obvious, you would be surprised at the number of companies and nonprofits that do not run security software. Also make sure that your security software subscriptions are current. If it’s out of date, it will do you no good.
4. Comply with credit card security rules. Ensure that your company or nonprofit is compliant with credit card security rules and, unless absolutely necessary, do not store credit card information after a transaction is completed. Make sure that you do not store credit card security codes or debit PINS anywhere on your computer.
5. Set up a separate network for visitors. If your company or nonprofit provides wireless Internet access for visitors and guests, protect yourself by implementing a separate network for your guests.
6. Change passwords regularly. As a rule, your passwords should be changed quarterly. Make sure that your passwords avoid personal information and are difficult for outsiders to figure out.
For more information about protecting your company’s important data, read our article about employees and company security.