Charities need a little help to maintain secure data

It would be comforting to think that charities would be immune from the attentions of hackers, but sadly they offer such a wealth of information and are often the easiest of targets. While it may be difficult to devote time and money to information security, charities must juggle strained resources to protect their valuable data.

Charities will probably hold electronically the identities of its donors, as well as the recipients of their services. Last year, the Pregnancy Advisory Service had a malicious attack when a hacker accessed unencrypted data, resulting in a £200k fine to the charity.

Charities are often also used by hackers to ‘launder’ credit cards. Small donations are made using the cards to test if they are valid. Once the transaction is accepted the cards are either used for significant other purchases, or more likely sold on as a ‘live’ card.

Striking a balance between liberty and lockdown is important. Don’t let everyone have access to all the charity’s data and IT systems. Ensure that the only people who can access the information are authorised and need to do so.

Many vulnerabilities are exploited through software – operating systems, applications, even the anti-malware that should be protecting your systems. All this software must be kept current and up-to-date with the latest versions. Regular updates reduce the risk of someone exploiting a flaky old application to get access to precious data.

Request a security assessment

We are offering a security assessment that will give visibility into your network, uncovering security incidents and risks.

Your security assessment provides a comprehensive report that identifies:

  • Your current security status
  • Current security risks; including malware downloads, bot infections, high risk web applications and data loss
  • Suspicious activity or sources of data leaks within your business and networks
  • Recommendations on how to eliminate threats and resolve your security issues

Request an assessment

  • Should be Empty: