Lawrie Simanowitz, Partner at Bates Wells Braithwaite solicitors, advices charities to “consider the implications of using Facebook and the risk that their data may be accessed without their knowledge”. In one of his cases, a fraudster penetrated the database of a charity obtaining information on thousands of members. The charity didn’t tell their member about the incident and after a year, the charity started receiving complains and in process they lost many members.
Security is a concern for any digitalised organisation and charities unfortunately are not exempt, and they need to implement security measures to protect themselves and their trustees.
The video above is from the Charity Digital News and it gives some good advices for security measures that charity needs to take.
- Ask a professional: some organisations are struggling to grasp the basic requirements.
- Physical security: lock the cabinet, lock the access doors and don’t leave the computer open out of business hours.
- Implement an information security awareness program: conduct an IT and information security indication awareness program before creating an account.
- User access: ensure all employee have a proper password policy and if they use organisation’s account on their mobile device, ensure those are also password protected.
- Keep an eye regularly on your firewall settings.
- Be aware of the various ways data can be leaked accidentally.
- In general, is not a lack of knowledge but a lack of good practice that usually leads to security breaches. People have to work in harmony with technology: online and IT technology, much like a car, is a complex tool that needs to be used with awareness.