Is Your Association at Risk from Cyber Criminals?
You are probably aware of recent massive data breaches such as the Yahoo hacks or the DNC hacks during the US election. You might think that this happens only to large corporations or high-value targets. However, nothing can be further from the truth.
If your association uses an Internet-accessible computer network that handles confidential information or collects and processes personal information, you are a potential target. Information is the lifeblood of associations. That is why you need to do whatever you can to protect your data! If stolen or locked by ransomware, your association will be exposed to significant financial threats -- such as a lawsuit, regulatory fines or loss of funding -- and your reputation could be severely damaged.
Cyber Criminals are a Threat Everyone Should Worry About
Data protection is an operational issue -- not an IT issue. What can you do as a leader within your association to help keep your data safe?
- Have a security and acceptable use policy in place
- This policy should cover all acceptable use of your association’s hardware, device, and data. It should also define what is not allowed and contain termination clauses around security breaches. Immediately upon beginning to work at your association and before being given access to your network, both staff and volunteers should be asked to read and sign this policy.
- Control access to your association’s data
- Assign a unique complex password to all employees and volunteers so they are traceable and user access levels can be monitored.
- Force password changes every 45 days.
- Deactivate the password as soon as the employee or volunteer has left the organization.
- Keep confidential data encrypted and securely backed up every day.
- Train your employees and volunteers how to recognize security threats and scams
- Keep your network and your systems (e.g., software, anti-virus, etc.) up-to-date
- Ensure strong security protection is built into your network
Finally, keep in mind that even if your association doesn’t host your data, you are still responsible for it. With the proliferation of cloud-based programs, associations need to be aware and ready.
This article was written by proLearning innovations. proLearning can help prevent your association from becoming a victim of cyber criminals. Contact them at 647-847-1853 to learn more about their security policy templates and their online IT Security Training Program for Employees and Volunteers.
Data exposure and theft due to volunteer actions are just some of the volunteer risks an association can be exposed to beyond that posed by cyber criminals outside your organization. If you want to learn about other volunteer risks that may be putting your organization in harm's way, the Managing Volunteer Risk: What Keeps You Up At Night? webinar may be for you. Click the button below for details -- time is short, though, as it is on March 30th.