Nonprofit Resources
National Cybersecurity Awareness Month: Own IT
October is National Cybersecurity Awareness Month, and each week we’ll provide resources to help you increase your organization’s cybersecurity knowledge and decrease your risk.
The Department of Homeland Security is focusing on the theme of “Own IT. Secure IT. Protect IT.” This week we’ll look at ways your organization and employees can “Own IT” to reduce your risk and better protect your organization and its data, employees, and donors.
Document What You Own
You may have heard the saying “You can’t manage what you can’t measure.” With all the connected devices, software, and applications out there, it can be hard to know what’s in use on your network. But you can only make sure everything is secure if you know exactly what you’re using.
- Start by creating a hardware inventory. This inventory should include computers, servers, networking equipment (such as firewalls and routers), copiers, printers, and smart devices (also referred to as “IoT” or “Internet of Things” devices). Any equipment that can receive security updates should be included.
- Then follow these three steps to develop an inventory of the applications and software used at your organization and maintain it going forward.
- It’s important to know what data you have, too. This article explains how to create and use an information governance program to identify, classify, and secure your organization’s data. This can lead to a reduction in costs and organizational risk.
Refer to these tips for developing a strategy to be able to measure and manage your company’s technology assets.
Understand the Risk and Current Threats
For most of us, Internet-based devices are now an integral part of our lives at home, at work, and on the go.
While this connectivity provides unprecedented convenience and efficiency, it also brings new risks. It’s important to understand the devices, software, and applications you use every day and be aware of the current threats that accompany these technologies.
- Mobile devices offer tremendous flexibility. But any device with access to your organization’s email or data needs to be kept as secure as possible, no matter who owns it. Consider these steps to address mobile device security in a way that balances security and productivity.
- One human error can be all it takes for an attempted cyber breach to turn into a successful one, and anyone can be a victim. It’s important for each member of an organization to take ownership of cybersecurity awareness. Learn about social engineering and how you can strengthen your most important line of defense against it.
- If you offer guest Wi-Fi, follow these tips to safeguard it. (Although this article is written for churches, the recommendations apply to any organization with guest W-Fi access.)
- Smart devices may seem harmless enough, but many organizations overlook the security risks. Be aware that something as simple as a smart thermostat can lead to a major cybersecurity breach.
Have questions about these or other cybersecurity issues? Please contact us at [email protected]. You can also access additional cybersecurity articles and blog posts on our website.
DID YOU KNOW?
According to the 2019 Verizon Data Breach Investigations Report, 56% of breaches took months or longer to discover. And in many cases, it’s not the organization that spots the breach — it’s often a third party, like law enforcement or a partner.