Nonprofit IT SecurityHelping Organizations Protect Themselves
Nonprofit IT Security
It’s in the news almost every day it seems. Breaches, hacks, digital ransom, it seems everywhere. If you are a small/medium nonprofit, where do you start? “Security Consultants” want to charge you five figures for what sounds like pretty simple services. Yet, the threats are all too real, something many nonprofits are experiencing either first-hand or hearing about other organizations facing.
It’s true, nonprofit organizations are known to the hacker community as easy targets. With our own clients, we have seen sophisticated attacks against small organizations that we normally see in the commercial sector in clients 10X-20X their size. Sadly, it is known that many nonprofits are under-staffed and under-resourced, which means that their defenses are down.
What Are Nonprofits to Do?
Ask any IT security potential about the #1 thing that any organization can do to protect themselves and they will most often say “user training”. After all, it is users who open the email attachment they shouldn’t, who click on the poisoned link, who after five years still use the password “Password1”. Of course, there are concrete steps management can take to make smart policies and choices, but at the end of the day, windows of opportunities are open for hackers because users keep them open.
Of course, to solve any problem the first step is to fully understand it. By doing a thorough inventory of real vulnerabilities an organization has, leaders can implement software, systems, and procedures to combat their risk head-on.
What can your organization do? You can learn about what your risks are and train your users to not let the wrong people in. We can help.
IT Security Audit & Report
We will walk your organization through a solid, proven plan to access risk, surface vulnerabilities, and devise a plan to mitigate risk and innoculate against the bulk of threats that are out there. We present you with a complete, Plain-English report laying out concrete steps you can follow to address your IT risk.
Need help? With every report, a project bid is included that lays out the steps we would take to work with you to fix the problems we find.
This report also functions as a complete guide to use to work with your existing IT provider to allow them to help make your organization as secure as possible.
End User Security Training
The #1 thing any organization can do protect themselves is to train their users. We offer friendly, jargon-free training to your users. One-on-one, small or large groups, we can train any user to use technology more safely.
From using email safely (no more clicking on those bogus links or opening untoward attachments), to solid/usable password policies, to physical security of systems (and the avenues we often leave open to strangers in our own offices), we can train your staff, executive leadership, and/or board to be much more savvy and secure users of technology, highlighting ways users/systems can be more safe that are specific to your organization.
Group IT Security Training (Online)
For organizations looking for the most economical training option, our recurring 90-minute group trainings are a great option.
We’ll do a deep-dive into the most common security issues facing most organizations. We limit each training to 20 participants and we leave time for Q&A to address specific questions/concerns you have.
These group trainings happen twice a month and are a flat $95 per participant (organizations can share a single computer/monitor for small groups).
Check the calendar below to see our upcoming group training sessions.