Cyber Security Tools for Small Charities

The good news for small charities is that there are a large number of cyber security tools that can reduce the risk of a successful cyber attack considerably, and many of these are available free or for a very small cost. 

The most significant security threats are outlined below, along with the cyber security tools which can be used to provide security against these threats:   

Ransomware 

Ransomware is a type of malware which encrypts the digital data stored on a computer so that it can no longer be used, and then demands a ransom to restore the data to a usable form. A ransomware attack can be devastating to a charity, potentially putting a stop to its fundraising and other activities. 

  • Backup software. By backing up data regularly, small charities can ensure that they have an unencrypted copy of their data if they fall victim to a ransomware attack. Google’s free Backup and Sync tool backs up data to the cloud, and backup software is also available from many security vendors such as Norton and McAfee 

  • Anti-ransomware software. Many security software vendors offer products which detect when large numbers of files are being encrypted on a computer and stop this activity automatically. Examples include Check Point ZoneAlarm Anti-Ransomware and Acronis Ransomware Protection 

Software which is not up to date 

When cyber-criminals find digital flaws in an operating system such as Windows, or in specific applications such as Word or Photoshop, they can often use these flaws to launch cyber-attacks on organisations such as small charities which may be using this software - until the flaws are fixed in a software update. That’s why it is vitally important that small charities keep their software up to date by installing updates as soon as they are available. It’s also good security practice to set the operating system and other software to update automatically or "check for updates when starting" whenever possible. 

Tools to keep software up to date: 

  • Software updaters. These programs can take an inventory of all the software running on a computer and check for any updates that are available. Some will also download and run any available updates automatically or with a single mouse click. Examples include IObit Software UpdaterFileHippo App ManagerAvira Software Updater, and Thor. 

Poor password security 

Many cyber attacks succeed because organisations use short or easily guessable passwords to protect their systems. Secure passwords are ones which are made up of a random mix of at least 12 upper and lower case letters and symbols such as ! and &. 

The problem for computer users is that secure passwords are hard to remember, so the temptation is to use something simple like "monkey123" or "pa33word". 

 Tools to improve password security: 

  • Password managers. A password manager stores secure passwords and enters them automatically once it has been activated with a master password. This means that a user only has to remember one password rather than many. Password managers also provide protection against some phishing attacks, because they do not enter passwords at fraudulent sites. Good password managers include LastPass1Password, and Dashlane 

Lost mobile devices 

Smartphones and other mobile devices present a significant security risk for small charities if they get lost or stolen because they frequently contain valuable information, they may be used to access charity databases, and they may be needed to log in to accounts which require users to enter a code which is sent by text to the device. 

Tools to secure lost mobile devices: 

Mobile device management software. Find My Device and Find My (formerly Find My iPhone) are two free mobile device management tools for Android and Apple devices respectively which allow users to remotely lock a lost or stolen phone, or even to delete all the information stored on it.   

The device may still be at risk until the remote commands are issued, so it is important that mobile device users activate their devices’ automatic lock feature. This will prevent anyone finding a smartphone from accessing it without first providing a PIN, password, fingerprint, or facial recognition image. 

source charity digital