In its 2018 State of Nonprofit Cybersecurity report, the Nonprofit Technology Network (NTEN) found that 60% of nonprofits do not provide any kind of security training to their staff. Small businesses don’t do much better: only 55% of businesses with fewer than 100 employees have provided training.
It’s time to change that, and it’s easier to start than we might think. Here are 10 actionable recommendations for you to implement in your organization – provided by Joshua Peskay, VP of Technology Strategy at RoundTable Technology and a faculty member at NTEN:
- Verify – Slow down and always verify before taking any action (even clicking a link) based on an email, text message or phone call.
- Update – Keep your devices (phones, tablets, and computers) completely up-to-date with current software.
- 2FA – Turn on 2FA (2-Factor Authentication) everywhere you can, but especially with email, document management, and database applications.
- Passwords – Start using a password manager such as LastPass, 1Password or Dashlane. If you are already using one, work to improve your security score.
- Wi-Fi – Avoid using public wi-fi wherever possible. Use your mobile hotspot instead.
- VPN – Use a virtual private network (VPN) such as NordVPN or ExpressVPN as much as possible, but especially if you have to use public wi-fi.
- Encrypt – Encrypt your devices, emails, and communications. Start using apps like Signal for messaging, voice and video.
- Monitor – Sign up for HaveIBeenPwned or Firefox Monitor to get alerts if any of your email addresses show up in data breaches.
- SIM – Protect your mobile number from being stolen.
- Learn – Stay informed about good practices and new threats by subscribing to at least one newsletter or podcast on cybersecurity.
If you wish to learn more, sign up for RoundTable’s free webinar, “The Best Free One-Hour Cybersecurity Awareness Training Ever,” on January 15 at 12:00 pm EST.