Nonstop Nonprofit NOW · 08.13.2020

August 13, 2020
3 minutes
Justin is Funraise's CEO, a co-founder, and a bad-ass, experienced nonprofit fundraiser. Like a true fundraiser-turned-founder, he breaks down the concepts behind Funraise's mission everywhere he can make nonprofits' voices heard.

Cybersecurity is a Culture

That's the theme for this week's Nonstop Nonprofit NOW episode.

If you've been following my posts this week, you're probably getting sick of all this cybersecurity talk. So, here are my two biggest tips for promoting a culture of cybersecurity at your nonprofit:

🙅 Stay away from public wifi 🙅

  • Browsing on public wifi is like going to a rally with no mask.
  • Use a tool like ExpressVPN to keep you safe if you must get on public wifi while traveling.

🛑  Stop sharing your passwords 🛑

  • No more Slacking, messaging, emailing, texting, or sharing passwords with your colleagues on sticky-notes.
  • No more generating your own passwords. Use a service like LastPass to securely generate, store, and safely share passwords.

If you think this sounds paranoid, do you remember...

👉 The Airbnb scam that directed the renter to a fraudulent website to finalize payment?

👉 The Amazon order cancellation scam that caused millions to unintentionally download malware onto their devices by clicking links in an email?

👉 The Apple Care scam that sent Apple users to a fake Apple website to compromise iPhone users, thus using their devices to compromise more apps and phones with malware?

This stuff is pretty serious—Make sure your nonprofit isn't brushing it off. And enjoy the show over on LinkedIn!

Transcript
Hey, everyone. Thank you for tuning in to this week's Nonstop Nonprofit Now! Today, I want to talk about creating a culture of security at your nonprofit organization. As many of you might know, Blackbaud recently reported a pretty massive security incident where many of their customers were hacked into. Information was stolen. And I want to talk a little bit about that. I also want to talk about what you as a nonprofit can do at a systems level and at an individual level to mitigate cyber attacks. And so we're going to dive into the content right now to get started. 

So first, the security incident that Blackbaud reported in mid July impacted many of their customers around the world. In May of 2020, they discovered and stopped a ransomware attack, which is a cyber criminal attempting to disrupt the business by blocking companies out of their own data and servers. So essentially, this was traced back to February of 2020. They discovered it in May and reported it to their customers in July. It is a big deal. Customer information or sorry, donor information was stolen. Blackbaud paid a ransom and have been led to believe that there has been no other sort of disruption with a data that has been stolen. But I want to take this moment not to necessarily talk about this particular incident, but instead to share with you as a nonprofit what you can be doing to prevent and to mitigate cyber attacks. It's inevitable that technology platforms will become victim to cyber attacks. It's impossible to stop from a 100% perspective, but we can mitigate. And we as users of the platform, we as individuals play an important role. 

From a systems level, let's jump in to that and talk about just one easy way you and your organization can be on top of cyber attacks. There's a tool called ExpressVPN. And I know as a nonprofit worker, you are all over the place. Especially Pre Covid-19, you travel, you work from home, you work from cafes, you work from airports. And one of the most dangerous things you could do is to be using public Wi-Fi. You expose yourself to potential attackers. And so you need to protect your network. You need to always be working from a secure network. And so a tool like ExpressVPN will give you a secure connection and make it much more difficult for cyber criminals to attack your computer and software on your computer. And an extra bonus, if TikTok ever does get banned from the U.S., this will allow you to keep watching all those TikToks. 

All right. The next thing I want to talk about as an individual, what can you do to prevent cyber attacks? I have seen this time and time again individuals post their passwords on sticky notes. They slack it to a colleague. They email it over. They use all of these ways that are just not secure. And passwords are one of the number one ways cyber criminals get access to your systems. The way that they have shared, the way that they're stored, the way that they're used. And so you need to use a password manager like LastPass, which will help you create safe and secure passwords. They'll help you ensure that you never reuse a password on more than one platform. And if you do need to share your password, they have encrypted ways, to be able to share passwords with your colleagues if that is a protocol that needs to happen. So as an individual, you need to up your game on your passwords. Don't use your birthday. Don't use your name. Don't use your wife's name, whatever it might be. You need to be more vigilant with passwords. And this will absolutely go a long way in helping ensure your safety on the Internet. 

So I hope these quick tips were useful for you and your organization. As you think about creating more of a culture of security. The work that you're doing is just way too important not to take these things seriously. So be a hero. Make cyber security a part of your culture every day. It's that important. 

Thank you for tuning into this week's Nonstop Nonprofit Now episode. If you'd like to see more content, head on over to the featured section of my LinkedIn profile where you can find our weekly podcasts, which are typically 30 - 45 minutes long, and we drop them every Wednesday. Thank you so much. Stay safe and peace out!

Stay in the nonprofit loop.

Get weekly updates on tips, trends, and best practices to help power your nonprofit. #nonprofitz4lyfe