Why cybersecurity matters for NGOs and non-profits
In our recent webinar, we delved into the critical realm of cybersecurity for NGOs and non-profits. Highlighting the ethical duty these organizations hold to protect users and maintain client trust, even in the digital world, we explored the unique challenges they face.
Non-profits, often dealing with highly-sensitive data, face a daunting reality where a data breach could jeopardize lives, freedom, and the trust they've built. Unfortunately, these organizations may lack the resources for large IT teams to counter internal and external threats.
The discussion underlined the importance of increasing awareness for cybersecurity and encryption. At Tresorit, we are actively involved in educating on various levels to empower individuals and organizations in navigating the digital landscape securely.
Why it matters
Ethical Duty: NGOs have a duty of care towards users and clients, extending to the digital realm in the 21st century. Data leaks can have catastrophic consequences for human rights defenders, environmental groups, and others.
Legal Compliance: Non-profits are subject to the same regulations as traditional businesses, such as GDPR. Violations can result in substantial fines and reputational damage.
Protecting Data in the Digital Age: A few simple steps can make a significant difference in securing valuable assets. Examining how files are stored and shared, setting clear guidelines, and researching digital tools are crucial.
Advantages of Digitalization: Despite the challenges, embracing digital tools offers significant advantages, such as enhanced collaboration, access control, and detailed access logs.
How can NGOs protect themselves and their clients in the digital age?
While data protection can seem like a daunting task, in reality, a few simple steps can make all the difference in securing your organization’s most valuable assets.
One of the most important things that NGOs can do is take the time to sit down and examine how files and documents are stored and shared across their organization. This is also a good time to see if your workspace should be following any specific laws or regulations related to the country or region where you operate.
Ask yourself: How do employees and volunteers currently share and store sensitive data? Is there any chance that this information could fall into the wrong hands, such as through a mis-sent email, or a stolen laptop? Do you currently know which employees have access to specific documents? Do you have the power to revoke that access if a volunteer or team member leaves the organization?
The answers to these questions — and how you want to deal with them — will be specific to your individual workplace. However, if you don’t have set rules or policies related to how your non-profit deals with digital files, then now is the time to think about how these areas could be better handled.
As well as ensuring that your non-profit operates responsibly and legally, clear guidelines you will help everyone in your organization work quickly and coherently. It’s often far easier — and more secure — for teams to work together in a single digital space, rather than battling with a mix of platforms and apps.
It’s also important to research the digital tools that can help your organization. There are thousands of cloud-storage providers, collaboration spaces, and messaging platforms available on the market, but all of them will operate in slightly different ways. Even a basic understanding of how competing platforms work can make all the difference in choosing the right tools for the job at hand.
Encryption is a good example. Encryption is a way of altering data so that it can’t be read by outside eyes. Most mainstream digital tools will use encryption in some way to protect your information from unauthorized users.
However, the type of encryption that companies use can vary widely. Some organizations will use in-transit encryption — where data is only encrypted as it moves from one server to another. Others will choose “at rest” encryption, which kicks in when data arrives at its destination.
Tresorit uses end-to-end encryption, which means that data is secured both when it is stored, and from the moment it is sent from one device to another.
Different types of encryption will have different consequences. Digital platforms or tools that use at-rest or in-transit encryption for their clients’ data, for example, will often be able to access their customers’ files.
This risk doesn’t affect end-to-end encryption, where the decryption keys needed to access data in its readable are only available on users’ individual devices.
How digitalization benefits NGOs
But while taking your first steps into the world of cybersecurity can seem daunting, these digital tools can offer huge advantages to forward-thinking organizations — and you shouldn’t be afraid of embracing everything that cyberspace has to offer.
Cloud-based tools are a great way for dispersed and remote teams to come together and collaborate, allowing different employees to access files whenever and wherever. The same platforms also make a great option for NGOs who work with multiple partners and agencies, and some will offer tools that allow you to track which users have access to a particular document. This can be particularly important when working on fixed-term projects or with volunteers, as it allows you to easily revoke access as required and remain firmly in control of your own files.
Certain collaboration tools and workspaces will also use these same tools to create access logs, which allows you to keep an accurate record of who has opened, accessed, or edited individual documents and when. This automatically-generated paper trail can be a game changer for organizations that need to undergo regular audits or produce donor reports.
Digital working can pose new threats to organizations, but these are far outweighed by the benefits that modern technology to non-profit workplaces. Organizations don’t need grand or sweeping overhauls to thrive in the 21st century usually, but small and thoughtful changes that can make a lasting difference in day-to-day lives — something that most NGOs know all too well.
Interested in learning more? Tresorit supports organizations that work towards creating social good by offering discounted subscriptions. Click here to find out more.
