CEO Insights: Donor Trust Is Your Greatest Asset

August 15, 2020
3 minutes
Justin is Funraise's CEO, a co-founder, and a bad-ass, experienced nonprofit fundraiser. Like a true fundraiser-turned-founder, he breaks down the concepts behind Funraise's mission everywhere he can make nonprofits' voices heard.

Donor trust is your single greatest asset.

When I was at Liberty in North Korea we trained our team on how to be digitally vigilant.

WHY?

Most cybercriminals come through your front door.

HOW?

Usually by an employee with a compromised password or clicking on a URL that looks like your domain.

We hired a cybersecurity firm to execute a phishing scheme against our staff to understand our baseline.

The scheme was a "shared Gdoc" (with a slight domain misspelling in the URL) that once clicked asked our staff to sign in. Nearly the entire staff was compromised through this exercise.

If it was a real cybercriminal, they would have had access to:

  • bank info
  • donor & client records
  • 10 years of video footage
  • internal staff and board communications

All they needed was to compromise one employee with decent access to get nearly everything.

Your goal as a nonprofit should be to mitigate the risk as much as possible and minimize the compromise if attacked.

Here's how:

  1. Decentralize employee access so criminals can't leapfrog to more sensitive data.
  2. Run penetration tests annually against your staff to keep them on guard.
  3. Ask your vendors for their security policies.

If you do these things, the odds of being compromised are in your favor.

Stay in the nonprofit loop.

Get weekly updates on tips, trends, and best practices to help power your nonprofit. #nonprofitz4lyfe