The last 18 months has brought on some major challenges for everyone across the charities sector. Whilst so many charities have moved their staff to remote working and becoming more digitally aware, sadly we are also facing more challenges from criminals operating online.
Keep secure online should be a priority for every charity. To help you keep on top of important security measures and keep your data out of the hands of hackers. We’ve developed this three-step security checklist to help secure your data.
Review your Privacy Settings
This is very important to avoid exposing unnecessary information about you or your charity. It’s prudent to revisit your devices and social media account privacy settings and make sure these settings are in line with any security & device policies you have in place.
Privacy settings for Devices - If you've just bought a new device, or haven't looked at your security settings for a while, you should take some time to make sure you're protected against the latest threats. Fortunately, most manufacturers provide easy-to-use guidance on how to secure your devices which you can view below:
These are guides on how to review/amend your privacy settings on social media accounts:
Facebook: basic privacy settings and tools
YouTube: privacy and safety
LinkedIn: account and privacy settings overview
Keep your email account secure
We found that email account compromise was the common breach against charities in the North West and phishing is the most commonly identified cyber attack against charities. So keep your email account secure with the following tips:
● Make sure you have 2-Step Verification enabled on your accounts and update your recovery phone number and email address.
● Keep your browser, operating system and apps up-to-date.
● Make sure you have a strong, unique password on all your email accounts - don’t reuse the same password on multiple accounts!
● Remove or disable any unused apps or browser extensions.
● Never give out your passwords - An email provider will never ask for your password in an email, message, or phone call.
● Check any suspicious emails for the following:
○ Does the email address and sender name match?
○ Are there spelling and grammar errors?
○ Does the email contain a veiled threat that asks you to act urgently?
○ If it sounds too good to be true, it probably is.
○ Forward any suspicious emails to the Suspicious Email Reporting Service (SERS): report@phishing.gov.uk
Keep devices secure when working from home
● Set your updates to install automatically - keep your browser, operating system and apps up-to-date.
● Make sure you are locking your screens if you are leaving your device left unattended.
● Keep a backup of any important data in the cloud or using a removable storage device.
When it comes to cyber criminals, there’s nothing small about small charities or businesses. If you’re open for business online, you could be open to cyber attacks. For further guidance and support, let us help your charity stay ahead of cyber criminals via our free core membership.
Find out more via http://www.secrc.co.uk/membership
Comments