The benefits of modern IT are commonly spruiked. Less often discussed however, are the potential risks. As important as maintaining current infrastructure and adopting modern technology, identifying these risks and planning for a worst-case scenario is the key to risk management in nonprofit organizations. Read on for information about common IT concerns facing NFPs and how to mitigate them.
Control your data
It’s safe to assume you, as well as a large proportion of your staff, have company emails accessible on a mobile device such as a smartphone. Considering the amount of sensitive information communicated via email, it’s not hard to imagine the potential impact of one of these devices being lost or stolen and getting into the wrong hands. Rather than tethering workers to their desks by restricting email access to workstations, consider implementing Mobile Device Management (MDM) which allows for finetuned control of how your data is accessed and shared on phones, tablets and laptops as well as providing protection against misplaced devices with remote lockdown and secure erase.
It’s all well and good to ensure your data is safe from those who shouldn’t be accessing it, but what about those who should? Whether by negligence or other means, user actions can often lead to the loss of sensitive company data. Data Loss Prevention (DLP) services can protect financial information, intellectual property and the private information of your employees, volunteers and clients by intelligently analyzing communications and automatically removing or replacing sensitive information. Alternatively, such communications can be transparently sent to managers for review before either being allowed or rejected ensuring internal policies are being adhered to.
Going hand in hand with controlling access to your company’s information is auditing said access to cover compliance and liability in a worst-case scenario. Thankfully, many modern DLP offerings include advanced reporting and compliance tools as well as customized alerting, while requiring minimal input to administer. Furthermore, with major cloud providers catering for data sovereignty and other regulatory aspects, as well as offering NFP exclusive pricing, moving to the cloud is an attractive prospect for nonprofit organizations looking to reduce IT risks.
When considering security, it’s important not to overlook the basics. Up to date spam filtering, firewalls and endpoint protection, while familiar, can offer much more than just defense against viruses. When implemented correctly each offers novel methods of combatting ransomware and other types of advanced malware. Protection is only half of the battle though – just as important are your disaster recovery and backup systems. Alongside being stored locally on fault redundant storage, backups should be replicated to a secure off-site location as not only does this reduce the risks of restores failing due to corruption but also those of data loss due natural disaster such as fires and floods.
Disaster recovery is about getting back to business as usual while minimizing downtime and impact during a large-scale IT disruption. It requires clearly defined policy and procedure but also infrastructure that caters to location agnostic access. Due to their nature, private and public cloud offerings are ideal for such deployments, though with careful planning on-site systems can achieve somewhat comparable levels of resiliency utilizing preexisting hardware – provided multiple sites are available for failover.
While there are many potential risks facing nonprofit organizations there is also an abundance of products and services catered to addressing them. Partnered with solid policy and thoughtful planning and implementation the benefits of focusing on a forward-thinking IT strategy shine, while the risks to your business as a whole are reduced - hopefully giving you one less thing to worry about.
HOW EVOLVE IT CAN HELP
At Evolve IT we’re passionate about helping others and take pride in empowering not for profits (NFPs) through technology. Whether it be by assisting collaboration, streamlining communication or enabling an ever more mobile work force.