Data Security: A Primer for Advancement Leadership

Data security is critical to making sure that vital information from your organization is not easily accessible, but maintaining data security isn’t easy. In fact, there have been 540 data breaches this year.

 

That’s 163,551,023 people affected in 2020 so far by breaches in data security. Let’s dive into this critical topic as more and more workers and students sign in online every, single day.

Top 6 Causes of Data Breaches

To increase your knowledge about data security, here are the top causes of data breaches.

1. Weak and Stolen Credentials

Passwords that are cracked through brute force algorithms are a main cause of data breaches, but so are stolen passwords.

 

To keep your passwords safe, make sure that you’ve made them complex enough to render them “unhackable”. You can randomly generated passwords and manage them with tools like LogMeOnce or LastPass. Extra points for a combination of upper and lowercase letters, numbers, and special characters.

2. Application Vulnerabilities

Hackers find the technical vulnerability in a software and then exploit it. Before using or launching a new application, make sure your team tests it for vulnerabilities and finds ways to patch those security threats. This includes applications that house your constituent data, like your Advancement CRM database.

3. Malware

“Malware” is short for “malicious software.” It describes a variety of threatening methods that are designed to infiltrate and damage, disrupt, or hack a device. For example, think of viruses, worms, ransomware, and Trojan Horses. You don’t want to be on the receiving end of malware.

4. Malicious Insiders

Taking care of your employees so that they don’t become a future risk to your institution is important, but so is screening out those who seem predisposed to betraying their employer. Malicious insiders are the employees who have access to sensitive information and then purposefully commit a data breach to harm the institution. Better hiring and screening processes, along with maintaining a good organizational culture and robust employee training programs, can help prevent these insiders from coming on board and wreaking havoc from within the organization.

5. Insider Error

Employees who do not have malicious intent but commit a data breach by mistake are also a threat. These employees may not be aware they’ve done anything wrong, but one accidental keystroke can cause a serious data breach.

 

For these employees, it’s important to remind them to take more care with their work and to encourage them to be transparent when they’ve made an error. Employee training is a crucial step to prevent these errors. Together, you can grow and learn, ultimately stopping similar mistakes from happening.

6. Physical Theft

Theft of a device that holds your institution’s sensitive information falls under this category. To prevent these breaches, you may want to take extra care in where you physically store this information—consider using a safe or a security system.

Why Preventing Data Breaches Is Important

Data breaches are preventable. In fact, 4 of the 6 causes of data breaches can be prevented based on changing human behavior. This means that every staff member in Advancement can be a part of the solution.

How To Prevent Data Breaches

There are several measures you can take to prevent data breaches.

Security Policy Training and Education: Setting The Standard

When you’re creating your security policy training and pulling together your educational materials, it’s important to clearly set the standard. When you’re completing this step, it helps to ask yourself and your colleagues the following questions:

  • What is the policy?
  • Why is it beneficial to the organization?
  • How does a security breach impact Advancement?
    • By making a breach relevant to Advancement itself, you’re adding a sense of urgency for employees to comply.

You’ll also want to discuss examples of behaviors that adhere to the policy and examples of behaviors that would violate the policy. By giving employees clear examples, you’re ensuring that they’ll fully understand what does and does not constitute a data breach.

Advancement Leadership as Security Champions: Lead by Example

As a leader in your Advancement team, you must champion the cause to protect sensitive information and build confidence with your donors and supporters. Give periodic Executive Briefings on the key points below:

  • Know what data you have, including its:
    • Location (is it in an on-premise data center, is it vendor-hosted, is it in a storage room, or is it in Mike’s desk drawer?)
    • Format (is the data in a digital copy or a hard copy?)
    • Volume (how much data is there, really?)
    • Classification (whether the data is sensitive or confidential)
  • What potential vulnerabilities exist based on the data you have, the software you’ve used, and access you’ve given staff members?
    • Map these vulnerabilities out and identify them, before a breach occurs.
  • What plans are in place to reduce the vulnerabilities your company has? Are they working? (Tip: If they’re not working, brainstorm ways to improve.)

Communication Plan for Data Breach

Have your plan ready before a data breach occurs. Establish a communication plan such that you and your leadership team can be immediately informed if there is a threat or possible threat of a data breach. Creating a data breach task force or committee can also help streamline that process internally. Determine how you will communicate to your constituents.

Performance Evaluations: Enforce Security Policies

You can’t simply rely on IT to be the sole security watchdog for your organization. By the time they are even aware of staff behavior that has compromised the organization, that door may have been open for months. Staff should be evaluated on a consistent and measured basis.

Data Security: Final Thoughts

Assessment of your Advancement team’s Data Security requires a 360-degree look into how your institution is performing, the vulnerabilities that exist, and ways that existing processes can be refined to prevent future data breaches.

 

When you’re trusting employees with sensitive data, remember—human error can and will happen, but with the right precautions, you’re taking safeguards to prevent future accidental breaches from happening again.

 

Malicious actors also exist, but again—with the right measures, you’re taking steps to prevent them from hacking into or stealing your data.

Current State of Advancement: Is Your Acknowledgment Process COVID-19 Proof?

 

Are you struggling with how to fundraise in the current environment? 

Many institutions are. The uncertainty created by the pandemic, along with a slowdown in our economy and growing civil unrest, can make it difficult for your voice to be heard. 

So in these times and beyond, transparency and sensitivity are critical in your donor communications. How can you ask for funds tastefully, and genuinely thank the donors who contribute them? 

 

Advancement in a Pandemic: The Current Landscape

As you can imagine, this was a difficult year for individual giving. In fact, individual giving decreased by 6 percent in the first quarter of 2020, compared to last year. That’s nearly $25 billion in lost revenue for nonprofits if this trend continues throughout the year.

 

Although technology and data enable us to live and work in a socially-distanced world, these tools alone will not lead us to success. In the face of a global pandemic, our relationships have increasingly taken center stage. These relationships were always important, but COVID-19 has made us remember their true value. After all, human connections allow us to survive in the short term and thrive in the long term. 

 

Take a look at one of your most fundamental, human-connection-centric business practices—thanking your donors. This practice of planned gratitude, also known as your acknowledgment process, doesn’t go unnoticed. It’s greatly appreciated by the donors themselves.

But is your acknowledgment process COVID-19 proof? 

 

Assess and Document Your Current Acknowledgement Process

Currently, you probably follow a standard acknowledgment process that may look something like this: 

 

4 Tips to Revamp Your Acknowledgment Process

Since nothing about 2020 has been business as usual or typical, it’s not sufficient to use standard acknowledgment practices anymore.

Go a little further with your acknowledgment process and tailor it to the times. Below are four (4) tips to help you do just that.

 

1. Change Your Verbiage

Our first tip is to change your verbiage. The way you word your acknowledgment email and letter should address COVID-19.

Directly address how COVID-19 has had an impact on your institution, and on your community. Recipients will appreciate your honesty and they’ll empathize with your circumstances. Remember, we’re all in the same boat. 

If you don’t acknowledge COVID-19 in these communications, you risk coming across as if you’re going through the motions…and no one wants that. 

So, breathe deep, and craft a message as though you’re communicating from one human being to another—because you are. 

 

2. Thank Donors at Every Level

Gift minimums might’ve made sense before the pandemic, but they definitely don’t make sense now. 

Discard your gift minimums for saying thank you, and acknowledge anyone who gives a gift during these tough times. Throughout unprecedented uncertainty, these special individuals have decided to support your institution—now that’s a big deal! By thanking all your donors, you’re showing that you truly see and appreciate their efforts. 

 

3. Get Personal

Don’t be afraid to get a little personal. People appreciate those extra steps, especially amidst all this uncertainty. 

If your standard practice is to send an email or a letter, try giving people a call to thank them instead. After all, people’s routines have been disrupted, and they’re feeling more isolated than ever before. Hearing your friendly voice, and discussing something that evokes feelings of hope (like your institution), can add extra positivity to someone’s day. 

 

4. Expand Your Acknowledgement Process

Go beyond the donors, and expand your acknowledgment process. Don’t stop at expressing gratitude only to the people who’ve given a gift; include those who are fundraising on your behalf in your communication process. 

Additionally, pay attention to people who are sharing heartwarming stories about your institution on social media, and take the time to thank them. Expressing this gratitude one-on-one is great, but so is sharing their posts on your social media channels (with their permission). Doing this will amplify the appreciation on both sides while encouraging others to follow suit. 

 

Relevant Acknowledgment for Advancement: Final Thoughts

  • To recap, your current acknowledgment process likely needs an update for this pandemic world.
  • The current landscape for individual giving to nonprofits looks dire. Therefore, change is essential to survival.
  • When it comes to your acknowledgment process, don’t follow the status quo.
    • Change your verbiage, so that people can see how the current landscape has affected your institution and your community. 
    • Don’t set gift restrictions—thank donors at every level.
    • When thanking your donors, get personal. A quick phone call can come across as more heartfelt than your standard acknowledgment email. 
    • Expand your acknowledgment process to include those who are fundraising on your behalf and those who are sharing your institution’s stories on social media.

 

With these actions, you’ll be sure to strike a friendly, positive chord with those you’re acknowledging. These tips will help you in strengthening and maintaining your donor relationships for years to come.

 

If you would like an assessment and clear roadmap, contact us to Future Proof Your Acknowledgment Process.

 

We will help you create an acknowledgment process that is not only effective during the pandemic but sets you up for being responsive to your donors in the future.