Charities are at risk from cyber-attacks. That might be stating the obvious, but a recent report from the Department for Digital, Culture, Media and Sport (DCMS) makes the extent of the threat clear. Over a quarter of charities report experiencing data breaches or cyberattacks in the last 12 months. Worryingly, a fifth of those organisations experience attacks at least once a week.
Like all organisations, charities face cyber risk because so much work these days is carried out online. We all use email and browse the internet. Over half of all organisations (charities and businesses) have online bank accounts and social media pages and hold personal data about customers or donors. As many charities as businesses (23%) let people order, book or pay online, and a third of charities let people donate online too.
But charities are arguably in a worse position than businesses, because their pressing need to provide frontline services leaves little cash in the kitty for the latest security tools and audits. Many charities also partner with other public and third sector organisations with similar exposure, leaving them vulnerable to secondhand risk.
Charities, cybercrime and COVID
Needless to say, the pandemic has only magnified the threat from cybercrime. Most charities had to switch to remote work when the pandemic struck, and many employees and volunteers remain at home. Many will never go back to the office full time, as charities struggle to make ends meet in difficult times.
At the same time, a number of organisations were also able to transfer service provision online, replacing face-to-face services with Zoom sessions and online resource packs.
All of which reiterated the sector’s well known resourcefulness, but also added to its risk. The threat to charities is compounded by the number of employees accessing data and applications using personal devices, known as BYOD. According to the DCMS report, over 60% of charity staff used BYOD before the pandemic, and the number is likely to be significantly higher today. Using personal devices for work-related activity is an inherently risky activity.
So, what can charities do to mitigate the risk, without breaking the bank? There’s lots more about this in our comprehensive ebook, ‘Your introduction to cybersecurity’, which you can download for free. But to summarise, the two most basic pieces of advice are to do the basics better, and equip staff properly for home, office or hybrid working.
A backdoor to cybercrime?
What do we mean by the basics? Well, educating staff about the risks of cybercrime and best practice around email, sensitive information and BYOD is a good place to start. The Government’s 10 Steps to Cyber Security guidance is a solid resource, showing measures that even small organisations can reasonably take to secure their networks and data. On top of that, a regular internal audit or health check is one activity that every charity can undertake.
After that, we’d also advise you to shut and bolt the back doors to your digital data that have been prised open by the pandemic. These threats are typically around communication and collaboration tools, and the data that passes between remote employees or between employees and service users. As we’ve seen, the situation is riskier still if any or all parties are using a potentially unprotected personal device on a domestic internet connection.
The lock in these circumstances can be provided by good cloud-based communications. These are the services that Everything Voice provides, so yes, we would say that. But it’s simply a fact that good, cloud-based communications can enhance data security. At the same time, it can also give you more efficient and cost-effective ways to communicate and collaborate.
In a nutshell, unified communications from Everything Voice bring mobility, intelligence, voice, video, messaging and collaboration tools together in one integrated service. Because it lives in the cloud, we update and maintain the service to ensure it’s always secure. You don’t need to host any on-premise equipment, removing another security headache.
In addition, our cloud communications services are hosted on multiple secure servers and are fully compliant with the highest industry standards, protecting sensitive data. We monitor your network security continually and work with you to evolve your communications security to face new threats.
And because the service is cloud based, it’s available anywhere, on any device, without compromising security.
We know from experience that legacy communications equipment is a security risk, because hackers see it as an easy target. It’s an operational risk too and not only because of its expense and age. Legacy hardware like PBX servers can’t easily support the kind of remote or hybrid working models that are likely to become more common in a charity sector reeling from the effects of the pandemic. Cloud-based unified communications future-proof your organisation, guard against security breaches and give you better ways to work and collaborate, in one cost-effective package.
If you’d like to know more about cybersecurity in the post lockdown world, and the peace of mind that cloud-based unified communications can bring, download our ebook now.