Non-profit organizations collect, use and disclose personal information just like any other for profit industry. However, non-profit organizations often don’t have the same resources to devote to data security as for profit counterparts. The risk is the same, but the ability to defend and respond is more challenging due to resources that can be devoted to cybersecurity protections.
The Federal Trade Commission (FTC) announced this week cybersecurity resources for non-profits through its FTC.gov/Cybersecurity website, which provides tips on 12 different topics geared to non-profits, including ransomware, phishing, physical security, vendor management, email authentication and other technical considerations.
The guidance emphasizes three basic cybersecurity tips:
-
“Use security software and set it to update automatically
-
Back up important files offline on an external drive or in the cloud
-
Encourage your organization to have policies covering basic cybersecurity and to train employees on those policies”
Non-profits can be devastated by a security incident, breach or data loss. Cybersecurity measures to protect high risk data from loss and exfiltration is a priority for non-profits just as much as for profit entities.
[View source.]