Risk Management in Nonprofit Organisations

The benefits of modern IT are commonly spruiked. Less often discussed. However, are potential risks. As important as maintaining current infrastructure and adopting modern technology, identifying these risks and planning for a worst-case scenario is the key to risk management in nonprofit organisations. Read on for information about common IT concerns facing NFPs and how to mitigate them. 

CONTROL YOUR DATA

It’s safe to assume you, as well as a large proportion of your staff, have company emails accessible on a mobile device such as a smartphone. Considering the amount of sensitive information communicated via email, it’s not hard to imagine the potential impact of one of these devices being lost or stolen and getting into the wrong hands. Rather than tethering workers to their desks by restricting email access to workstations, consider implementing Mobile Device Management (MDM) which allows for fine tuned control of how your data is accessed and shared on phones, tablets and laptops as well as providing protection against misplaced devices with remote lockdown and secure erase.

It’s all well and good to ensure your data is safe from those who shouldn’t be accessing it, but what about those who should? Whether by negligence or other means, user actions can often lead to the loss of sensitive company data. Data Loss Prevention (DLP) services can protect financial information, intellectual property and the private information of your employees, volunteers and clients by intelligently analysing communications and automatically removing or replacing sensitive information. Alternatively, such communications can be transparently sent to managers for review before either being allowed or rejected ensuring internal policies are being adhered to.

AUDITING ACCESS

Going hand in hand with controlling access to your company’s information is auditing said access to cover compliance and liability in a worst-case scenario. Thankfully, many modern DLP offerings include advanced reporting and compliance tools as well as customised alerting, while requiring minimal input to administer. Furthermore, with major cloud providers catering for data sovereignty and other regulatory aspects, as well as offering NFP exclusive pricing, moving to the cloud is an attractive prospect for nonprofit organisations looking to reduce IT risks.

When considering security, it’s important not to overlook the basics. Up to date spam filtering, firewalls and endpoint protection, while familiar, can offer much more than just defence against viruses. When implemented correctly each offers novel methods of combatting ransomware and other types of advanced malware.  Protection is only half of the battle though – just as important are your disaster recovery and backup systems.  Alongside being stored locally on fault redundant storage, backups should be replicated to a secure off-site location as not only does this reduce the risks of restores failing due to corruption but also those of data loss due natural disaster such as fires and floods.

DISASTER RECOVERY

Disaster recovery is about getting back to business as usual while minimising downtime and impact during a large-scale IT disruption. It requires clearly defined policy and procedure but also infrastructure that caters to location agnostic access. Due to their nature, private and public cloud offerings are ideal for such deployments, though with careful planning on-site systems can achieve somewhat comparable levels of resiliency utilising preexisting hardware – provided multiple sites are available for failover.

While there are many potential risks facing nonprofit organisations there is also an abundance of products and services catered to addressing them. Partnered with solid policy and thoughtful planning and implementation the benefits of focusing on a forward-thinking IT strategy shine, while the risks to your business as a whole are reduced - hopefully giving you one less thing to worry about.

How Powernet Can Help

At Powernet we’re passionate about helping others and take pride in empowering not-for-profits (NFPs) through technology. Whether it be by assisting collaboration, streamlining communication, or enabling an ever more mobile workforce.