The loss of sensitive data is a major worry for charities. The statistics bear their concerns out, as one third of the sector reported a data breach in the last two years. Ensuring vital information, and therefore a charity's reputation, is protected from cyber threats is a daily priority.
Many current and emerging technologies will deliver charities’ security objectives. Those with a cautious attitude face falling behind more progressive organisations. Budget is another determining factor. Before committing to precious spend, charities must be confident that the technology they choose will meet their criteria.
In our experience working with charities at IT Lab, these typically include:
- Value for money
- Ease of implementation
- Ongoing support
- Must enhance – not hinder - the user experience
- Scalable - both up and down
A cloud platform is the gateway to greater security and operational and cost efficiencies. One respected charity to embrace the cloud opportunities is Diabetes UK, you can read their story here.
In a 2017 whitepaper, No charity left behind: the need for a digital third sector, Tech Trust surveyed 1,261 charities. It found that while 63% of charities utilised the cloud for at least one of their core applications, only 41% allowed their staff to access their systems on their own devices. This suggests that many are not aware of – or have yet to adopt - Identity and Access Management technologies.
Tools such as Single Sign-on, Mobile Device Management and Multi-Factor Authentication enable charities and not-for-profits to control their employees’ access to core applications via their personal, as well as work, devices. Security is fundamental to the user-friendly process. Not only does this promote the use of more cloud-based systems and applications, it gives staff greater autonomy, increases the likelihood of users acting in a safe way and provides the freedom to work flexibly.
Tech Trust also found that many charities continue to run their Customer Relationship Management (CRM) and associated systems on physical servers, often holding valuable data offline.
This means they're more vulnerable to cyber-attack, lack access to real-time data, and don't have the advantage of the security, backups and Disaster Recovery (DR) redundancy afforded by cloud technologies.