Welcome to the CSAE Blog

Click here to return to the CSAE Blog main feed.

Three Ways Not-For-Profit Organizations Can Become More Cyber Savvy

Three Ways Not-For-Profit Organizations Can Become More Cyber Savvy

Cyberattacks are not confined to big organizations and government agencies. Organizations of all sizes are at risk. The risk is rising as organizations access more Cloud applications, and employees take advantage of web-based services (e.g., file sharing and the use of public hotspots to communicate). Fortunately, there are best practices organizations can follow to cost-effectively reduce their risk profile. Such practices are also designed to protect against cyberattacks.

 

1. Use Passwords (Effectively)

It may sound basic, but passwords are one of the easiest ways to protect oneself. It’s far costlier to identify and repair damage after hackers gain access to your network than it is to employ passwords to help keep them out in the first place. There are two elements to developing an effective password policy:

 

Create strong passwords

Strong passwords are difficult to guess or to deduce with brute-force hacking techniques.

 

Protect passwords from unauthorized use

While strong passwords can protect your network, it’s up to employees to also protect your systems. It’s management’s job to help employees understand why and how they do so to assure protection. You can accomplish both by creating and enforcing an effective password policy. Management should lead by example, creating a workplace where cybersecurity policies are adhered to at every level -- including at the top. Employees who recognize the consequences of their actions will be more likely to make cybersecurity an ongoing priority. Think human firewall!

 

2. Update Your Software

New operating system and application vulnerabilities are exploited by hackers daily. Prime targets include web and common business applications such as Adobe Reader and Flash. They are targeted simply because they’re installed on many systems. For example, the “Code Red” worm in 2001 targeted Microsoft IIS web servers, which host websites around the world. The worm created a denial of service (DoS) attack that infected over 350,000 servers in a single day. Such an attack can flood networks with useless data, consuming computing resources businesses need to operate.

Vendors typically release software updates that include the latest security patches to forestall common attacks. Installing patches when they are available is a great way to prevent hackers from exploiting security flaws vendors have already identified and addressed. Patches fully leverage your investments by securing your business-critical processes.

 

3. Don’t Overlook Physical Security

Physical security is a critical element of cybersecurity. A disgruntled employee can derail your cybersecurity efforts by simply walking out of your office with equipment or intellectual property. Don’t let it happen!

 


 

Get more cybersecurity insights from David Florio and Sophie Doukas at their session Good Cybersecurity Doesn't Have to Be Costly or Take Years to Build at the 2018 CSAE Conference & Showcase in Ottawa.

Related

Tags

Cybersecurity, David Florio, Sophie Doukas, CSAE Conference & Showcase

Categories

Guest Contributor, Web / Technology

Share

Rating

0 ( 0 reviews)

Post a Comment

Subscribe to Blog
Name

Subscribe to receive blog notifications and other CSAE communications. Whitelist info@csae.com to ensure subscription notices arrive in your inbox.

Want to Contribute?

CSAE is looking for people from the Association Community who want to share their passion, interest, and advice with their peers via CSAE content channels.

This is an opportunity to help others and increase exposure for yourself and your association.

Categories
  • Uncategorized
  • CSAE Speaks
  • Education
  • Events
  • Membership
  • Op-Ed
  • Marketing
  • Publications
  • Guest Contributor
  • Web / Technology
Tags