{"id":37097,"date":"2024-02-06T11:17:25","date_gmt":"2024-02-06T16:17:25","guid":{"rendered":"https:\/\/www.qgiv.com\/blog\/?p=37097"},"modified":"2024-07-03T12:51:23","modified_gmt":"2024-07-03T16:51:23","slug":"cybersecurity-for-nonprofits","status":"publish","type":"post","link":"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/","title":{"rendered":"Safeguarding Good: Cybersecurity for Nonprofits 101"},"content":{"rendered":"\n<p>As technology advances, the fundraising landscape becomes more and more focused on digital solutions to reach wider audiences. However, these convenient fundraising options come with a risk many in the nonprofit world aren\u2019t very familiar with\u2014cybersecurity. <\/p>\n\n\n\n<p>The importance of cybersecurity for nonprofits can\u2019t be overstated, and your organization is not immune to the constantly evolving cyber threats that come with sharing information through the internet. Despite this risk, there are some best practices that you can implement that allow you to fundraise online without the constant worry of a cyberattack.&nbsp;&nbsp;<\/p>\n\n\n\n<ul>\n<li><a href=\"#what\">What is cybersecurity for nonprofits?<\/a><\/li>\n\n\n\n<li><a href=\"#why\">Why do nonprofits need to worry about cybersecurity?<\/a><\/li>\n\n\n\n<li><a href=\"#vulnerable\">Why are nonprofits vulnerable to cybersecurity attacks?<\/a><\/li>\n\n\n\n<li><a href=\"#types\">Common type of cyberattacks<\/a><\/li>\n\n\n\n<li><a href=\"#NIST\">NIST guidelines for cybersecurity<\/a><\/li>\n\n\n\n<li><a href=\"#best-practices\">Nonprofit cybersecurity best practices<\/a><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"what\">What is cybersecurity for nonprofits?&nbsp;<\/h2>\n\n\n\n<p>Cybersecurity for nonprofits is the practices, technologies, and strategies you employ to protect your digital assets, sensitive data, and online operations from possible cyber threats. Cybersecurity is the proactive approach you take to identify any vulnerable points, implement simple protective measures, and effectively respond to potential attacks.&nbsp;<\/p>\n\n\n<div class=\"hs-cta-embed hs-cta-simple-placeholder hs-cta-embed-162047699331\"\n  style=\"max-width:100%; max-height:100%; width:750px;height:225px\" data-hubspot-wrapper-cta-id=\"162047699331\"><br \/>\n  <a href=\"https:\/\/cta-service-cms2.hubspot.com\/web-interactives\/public\/v1\/track\/redirect?encryptedPayload=AVxigLJZJOF%2FJYRxgKfYIdmRo8cOpM3bvK%2FXOeru7Y118%2F3LvwRJoJThOHNf2g882SzzS%2F%2FeiIsbb9%2FMrwe%2BFXMTNFP3C0P7NTbK%2B40Zw2e4mW2CEBYs%2BDkZiPZ9oK3fqxTsE7JXdrqMEVuee1jtM9PNQkVHe7UQsRhxWIk1W2QDEqhS93jGi3FWit6Y2QJ%2FFLRg&#038;webInteractiveContentId=162047699331&#038;portalId=8356283\" target=\"_blank\" rel=\"noopener\" crossorigin=\"anonymous\"><br \/>\n    <img decoding=\"async\" alt=\"\" loading=\"lazy\" src=\"https:\/\/no-cache.hubspot.com\/cta\/default\/8356283\/interactive-162047699331.png\" style=\"height: 100%; width: 100%; object-fit: fill\"\n      onerror=\"this.style.display='none'\" \/><br \/>\n  <\/a>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"why\">Why do nonprofits need to worry about cybersecurity?&nbsp;<\/h2>\n\n\n\n<p>Did you know that, according to the <a href=\"https:\/\/www.nptechforgood.com\/wp-content\/uploads\/2023\/02\/Nonprofit-Tech-for-Good-Report-Final2-2023.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">2023 Nonprofit Tech for Good Report<\/a>, 27% of nonprofits have experienced a cyberattack? There are a few reasons why your organization should be concerned with cybersecurity, but the number one reason for concern is protecting personal information. Your nonprofit handles a lot of sensitive personal information from all the donations you receive and all the people you help. Your community trusts you to keep their private information safe, whether it\u2019s your donors\u2019 payment information or personal details about who you\u2019re helping. Failing to secure this information not only exposes these people to privacy breaches, but it also puts your organization\u2019s reputation and ability to help others at risk.&nbsp;<\/p>\n\n\n\n<p>When talking about cybersecurity with your team, it\u2019s important to remember that cybersecurity is everyone\u2019s responsibility. Every individual within your nonprofit, from staff to volunteers, plays a crucial role in maintaining cybersecurity. A collective effort from your entire team is required to maintain a strong defense against possible cyber threats.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"vulnerable\">Why are nonprofits vulnerable to cybersecurity attacks?&nbsp;<\/h2>\n\n\n\n<p>While your organization might not have as much personal information floating around as a large corporation, it doesn\u2019t mean you\u2019re not at risk. In fact, some cyberattacks can specifically target nonprofits because it\u2019s assumed you\u2019ll have less of a defense than a for-profit company. Nonprofits can underestimate cyberattacks. It\u2019s easy to assume you\u2019re not an appealing target for cyberattacks, which can leave you unprepared, making you an easier mark for cyber threats.&nbsp;<\/p>\n\n\n\n<p>Because nonprofits run off of donations, many organizations also have limited access to IT support. If you\u2019re operating with limited resources, IT support might not seem like the biggest priority for you cost-wise. This limitation can make it even more challenging to implement and maintain comprehensive cybersecurity measures.&nbsp;&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"types\">Common types of cyberattacks&nbsp;<\/h2>\n\n\n\n<p>There are many different cyber threats in the digital world, but four types of cyberattacks are more commonly seen in the fundraising world.&nbsp;<\/p>\n\n\n\n<ul>\n<li><a href=\"https:\/\/blog.knowbe4.com\/phishing-remains-common-attack-technique\" target=\"_blank\" rel=\"noreferrer noopener\">Phishing<\/a><strong>.<\/strong> Have you ever received an email from a fake account posing as Amazon or Apple, for example, asking you to click a link? That\u2019s phishing! Phishing involves fraudulent attempts to obtain sensitive information by disguising the correspondence as if it were from a trustworthy entity. Your organization needs to educate your staff to recognize phishing attempts and avoid falling victim to these deceptive tactics.&nbsp;<\/li>\n\n\n\n<li><a href=\"https:\/\/blog.knowbe4.com\/fbi-alert-domain-spoofing-ceo-fraud\" target=\"_blank\" rel=\"noreferrer noopener\">Spoofing<\/a><strong>.<\/strong> Spoofing occurs when someone with malicious intent disguises their identity to gain unauthorized access to systems or data. This can be in the form of an email\u2014similar to phishing. Or it can be an entirely fake website where someone creates a lookalike version of your donation form in order to trick your donors. Your organization <em>must <\/em>implement authentication measures to prevent spoofing.&nbsp;<\/li>\n\n\n\n<li><a href=\"https:\/\/blog.knowbe4.com\/seven-kinds-of-malware-and-all-arrive-by-social-engineering\" target=\"_blank\" rel=\"noreferrer noopener\">Malware<\/a><strong>.<\/strong> Malware, which includes viruses and ransomware, poses a significant threat to nonprofits. There are many types of malware that can be downloaded onto a computer in different ways to steal information, so it\u2019s best to educate your team on multiple malware types to defend against. Regularly updating your antivirus software and conducting security audits can help you mitigate the risk.&nbsp;<\/li>\n\n\n\n<li><a href=\"https:\/\/www.cisa.gov\/news-events\/news\/understanding-denial-service-attacks\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Denial-of-service attacks<\/strong><\/a><strong>. <\/strong>Denial-of-service (DDoS) attacks aim to disrupt an organization&#8217;s online services by overflowing your system with fake requests. These attacks can prevent your donors from reaching your website to attempt to force your nonprofit to pay a ransom to the hackers. There are many resilient network infrastructures and DoS mitigation strategies your organization can use to minimize the risk of an attack.&nbsp;<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"NIST\">NIST guidelines for cybersecurity&nbsp;<\/h2>\n\n\n\n<p>While you should still establish a comprehensive cybersecurity plan, <a href=\"https:\/\/www.ftc.gov\/business-guidance\/small-businesses\/cybersecurity\/nist-framework\" target=\"_blank\" rel=\"noreferrer noopener\">The National Institute of Standards and Technology (NIST)<\/a> provides a comprehensive framework for effective cybersecurity you can follow to get an understanding of what your plan should include. This framework consists of these five key elements:&nbsp;<\/p>\n\n\n\n<ul>\n<li><strong>Identify.<\/strong> Understand and document your organization&#8217;s assets, risks, and vulnerabilities.&nbsp;<\/li>\n\n\n\n<li><strong>Protect.<\/strong> Implement safeguards to ensure the security and privacy of all your data and systems.&nbsp;<\/li>\n\n\n\n<li><strong>Detect. <\/strong>Establish procedures for your team to identify and respond to cybersecurity events quickly.&nbsp;<\/li>\n\n\n\n<li><strong>Respond.<\/strong> Develop and implement an incident response plan for your organization to notify all necessary parties and mitigate the impact of cyberattacks.&nbsp;<\/li>\n\n\n\n<li><strong>Recover.<\/strong> Create strategies to restore any equipment that was impaired due to a cybersecurity incident and keep your community updated.&nbsp;<\/li>\n<\/ul>\n\n\n<div class=\"hs-cta-embed hs-cta-simple-placeholder hs-cta-embed-162047699126\"\n  style=\"max-width:100%; max-height:100%; width:750px;height:225px\" data-hubspot-wrapper-cta-id=\"162047699126\"><br \/>\n  <a href=\"https:\/\/cta-service-cms2.hubspot.com\/web-interactives\/public\/v1\/track\/redirect?encryptedPayload=AVxigLJ3eaU9MmIeXDhhxaAo5lQO3TqxrAF%2BOK2z%2Fd9CC3tJkT2GTgemaGBoGtEIEZ8jRCIVIDbReXux5iY4r2j9fCTkc4nEDc03neafwp%2BmzU2KNe5b8hS46DMiuRAK3vTKxPC6dHmJTzGfn9NOoNCAPIN8KUuod7W4GrN%2B0uquDA8b%2BWFpKEQTvBRPpB%2B35V4ril9duLzQG9zgBLhgBytqz6HmV79fDA%3D%3D&#038;webInteractiveContentId=162047699126&#038;portalId=8356283\" target=\"_blank\" rel=\"noopener\" crossorigin=\"anonymous\"><br \/>\n    <img decoding=\"async\" alt=\"\" loading=\"lazy\" src=\"https:\/\/no-cache.hubspot.com\/cta\/default\/8356283\/interactive-162047699126.png\" style=\"height: 100%; width: 100%; object-fit: fill\"\n      onerror=\"this.style.display='none'\" \/><br \/>\n  <\/a>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"best-practices\">Nonprofit cybersecurity best practices&nbsp;<\/h2>\n\n\n\n<p>To decrease your nonprofit&#8217;s risk of experiencing a cyberattack, use these best practices to create a cybersecurity plan.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Assessing cybersecurity risks&nbsp;<\/h3>\n\n\n\n<p>Before creating your cybersecurity plan, there are a few key risks your organization should assess to help you properly plan for cyber threats.&nbsp;&nbsp;<\/p>\n\n\n\n<ul>\n<li><strong>Vulnerable software<\/strong>. One of these primary risks for cyberattacks is vulnerable software. To prevent a cyber threat through software, you can regularly check your software\u2019s security by conducting thorough vulnerability scans. These scans help you identify and address any weaknesses or outdated versions of old software. A simple way to stay ahead of potential weaknesses is by implementing automatic updates for software applications.&nbsp;&nbsp;<\/li>\n\n\n\n<li><strong>Staff.<\/strong> Another risk to assess is your staff. Your team can unknowingly expose your nonprofit to cyberattacks by clicking on malicious links or falling victim to phishing attacks. You can counter this risk by conducting scheduled training sessions to educate your team on cybersecurity best practices and common attack vectors.&nbsp;&nbsp;<\/li>\n\n\n\n<li><strong>Hardware vulnerabilities. <\/strong>The last key risk to assess is your organization&#8217;s equipment. Hardware vulnerabilities can pose a huge risk to your cybersecurity. Ensure that your nonprofit is regularly evaluating your equipment\u2019s security, from your servers to your computers. Security measures, such as firewalls and antivirus software, can help keep your equipment safe from cyber threats.&nbsp;<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image wp-drop-shadow wp-rounded-corners\">\n<figure class=\"aligncenter size-large\"><img decoding=\"async\" width=\"1024\" height=\"682\" src=\"https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/person-using-laptop-1024x682.jpg\" alt=\"someone using a laptop to try to breach the cybersecurity of a nonprofit\" class=\"wp-image-37102\" srcset=\"https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/person-using-laptop-1024x682.jpg 1024w, https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/person-using-laptop-300x200.jpg 300w, https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/person-using-laptop-768x512.jpg 768w, https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/person-using-laptop.jpg 1280w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">Creating a data breach response&nbsp;<\/h3>\n\n\n\n<p>Once you\u2019ve assessed your possible secuirty risks, you can start creating your own data breach plan.&nbsp;<\/p>\n\n\n\n<ul>\n<li><strong>Secure sensitive information. <\/strong>When creating your <a href=\"https:\/\/www.ftc.gov\/business-guidance\/resources\/data-breach-response-guide-business\" target=\"_blank\" rel=\"noreferrer noopener\">data breach response<\/a>, one of your key focuses should be securing your sensitive information. If you experience a cybersecurity breach, it\u2019s necessary to act as quickly as possible to prevent any further loss. Securing your sensitive information by isolating any affected systems, limiting system access, and taking measures to stop the spread of the breach needs to be your priority during a breach.&nbsp;&nbsp;<\/li>\n\n\n\n<li><strong>Fix vulnerable points.<\/strong> After the breach, your focus should be on fixing vulnerable points. The first step is identifying and addressing the points that led to the breach. To address these points, start by patching software, updating configurations, or implementing additional security measures to cover the vulnerable points. Being proactive about fixing vulnerabilities helps you prevent any future attacks and strengthens your overall cybersecurity.&nbsp;<\/li>\n\n\n\n<li><strong>Notify affected parties. <\/strong>If you experience a cyberattack, you must notify any necessary parties. Communicating any affected parties quickly is crucial for transparency, as well as to help your community secure their information.&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Educating your team&nbsp;<\/h3>\n\n\n\n<p>Because the responsibility of cybersecuirty falls on everyone, you need to keep you and your team educated.&nbsp;<\/p>\n\n\n\n<ul>\n<li><strong>Best practices. <\/strong>To prevent a cyber threat, you need to train your team on best practices and common types of attacks to look for. Continuous education is key to maintaining a safe workforce. You can host regular training sessions to educate your team on the latest cybersecurity best practices and common threats they may face. This will help them recognize phishing attempts, practice safe browsing habits, and understand how to maintain healthy cybersecurity.&nbsp;<\/li>\n\n\n\n<li><strong>Breach plan. <\/strong>When you\u2019re training your team, provide them with the steps for your breach plan. With clear and concise steps for reporting potential incidents, your team will be prepared in case of a threat. You can also outline the roles and responsibilities of each team member during a cybersecurity crisis to ensure everyone is ready.&nbsp;&nbsp;<\/li>\n\n\n\n<li><strong>Updated training. <\/strong>The digital world and the threats that come with it are constantly evolving, so you need to update training whenever necessary. Update any training materials to reflect the latest cybersecurity trends, threats, and prevention strategies to keep your staff up to date.&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Updating your software&nbsp;<\/h3>\n\n\n\n<p>Another way to help you prevent any cyberattacks is to keep your software updated.&nbsp;<\/p>\n\n\n\n<ul>\n<li><strong>Automatic software updates.<\/strong> One way to keep your software up to date is to set your software to update automatically for any software applications and operating systems. This makes sure that your systems are operating with the latest security patches and bug fixes, reducing vulnerability to potential exploits.&nbsp;<\/li>\n\n\n\n<li><strong>Advanced cybersecurity software.<\/strong> You should also stay up to date on cybersecurity software and solutions. Implementing advanced software can help provide an extra layer of defense to your cybersecurity plans.&nbsp;&nbsp;<\/li>\n\n\n\n<li><strong>Cybersecurity audits. <\/strong>Consider performing regular cybersecurity audits to ensure all of your systems are up to date and rewview for potential new risks.&nbsp;<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Securing files and sensitive information&nbsp;<\/h3>\n\n\n\n<p>Don\u2019t let your physical security fall short because of a focus on the digital world!&nbsp;<\/p>\n\n\n\n<ul>\n<li><strong>Offline files. <\/strong>Your files and sensitive information need to be secured, even if they\u2019re offline.&nbsp; Ensuring your offline files and backups are secure can help you save data in the event of cyberattack.&nbsp;&nbsp;<\/li>\n\n\n\n<li><strong>Unattended devices. <\/strong>Another important part of securing your sensitive information is to not leave any devices unattended. Unattended devices are easy targets for theft or unauthorized access, and you should encourage your staff to lock their devices when not in use, no matter their location.&nbsp;&nbsp;<\/li>\n\n\n\n<li><strong>Encryption. <\/strong>Encrypting your devices is another way you can protect sensitive information and add an extra layer of protection. If one of your staff\u2019s devices is stolen, the encrypted data remains unreadable without the appropriate decryption keys.&nbsp;<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image wp-drop-shadow wp-rounded-corners\">\n<figure class=\"aligncenter size-large\"><img decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/locked-cell-phone-1024x768.jpg\" alt=\"a locked cell phone to represent the cybersecurity for nonprofits best practice of locking your unattended devices\" class=\"wp-image-37101\" srcset=\"https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/locked-cell-phone-1024x768.jpg 1024w, https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/locked-cell-phone-300x225.jpg 300w, https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/locked-cell-phone-768x576.jpg 768w, https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/locked-cell-phone-1536x1152.jpg 1536w, https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/locked-cell-phone.jpg 1920w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">Keeping your accounts safe&nbsp;<\/h3>\n\n\n\n<p>Another way to keep your information safe is by keeping your accounts safe.&nbsp;<\/p>\n\n\n\n<ul>\n<li><strong>Strong passwords.<\/strong> Strong passwords are a critical line of defense for your cybersecurity. You should create password policies that include a combination of uppercase and lowercase letters, numbers, and special characters. These policies should also discourage the use of easily guessable passwords and encourage frequent password changes.&nbsp;<\/li>\n\n\n\n<li><strong>Password management software. <\/strong>An easy way to ensure everyone\u2019s passwords are secure is by implementing password software. Password management software helps facilitate the creation and secure storage of complex passwords. Using a password manager not only enhances your security but also helps simplify the management of multiple credentials across various accounts.&nbsp;<\/li>\n\n\n\n<li><strong>Multi-factor authentication. <\/strong>Multi-factor authentication can also help you add an additional layer of security by requiring your team to provide multiple forms of identification. Implement multi-factor authentication for important accounts to mitigate the risk of unauthorized access, even if the login credentials are compromised.&nbsp;<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Securing your router&nbsp;<\/h3>\n\n\n\n<p>Our final tip for better cybersecurity is to secure your router.&nbsp;<\/p>\n\n\n\n<ul>\n<li><strong>Default name and password.&nbsp;<\/strong> Routers are a primary target for cyber attackers because it\u2019s an easy way for them to get on your network and access your data. When you set up your router, change the default name and password.&nbsp;&nbsp;<\/li>\n\n\n\n<li><strong>Remote management capabilities. <\/strong>You should also turn off remote management capabilities to avoid them being exploited by attackers.&nbsp;&nbsp;<\/li>\n\n\n\n<li><strong>Encryption. <\/strong>Your nonprofit should also use at least WPA2 or WPA3 <a href=\"https:\/\/www.pcmag.com\/explainers\/what-is-wpa3-secure-wifi-how-to-set-it-up-on-your-router\" target=\"_blank\" rel=\"noreferrer noopener\">encryption<\/a> for your network. Wi-fi encryption is crucial for protecting the confidentiality of data transmitted over your network.&nbsp;<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Final thoughts&nbsp;<\/h2>\n\n\n\n<p>Cybersecurity isn\u2019t a one-time training session. As the digital world evolves, your cybersecurity practices will require continuous attention and adaptation. Prioritize the safety of your digital assets and confidentiality of sensitive information your community entrusts in your nonprofit.&nbsp;&nbsp;<\/p>\n\n\n\n<p>By utilizing these best practices, keeping informed about emerging threats, and creating a culture of cybersecurity awareness, your organization can continue to navigate the digital landscape with resilience and confidence.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Additional resources&nbsp;<\/h3>\n\n\n\n<ul>\n<li><a href=\"https:\/\/www.qgiv.com\/blog\/fraud-prevention-101\/\" target=\"_blank\" rel=\"noreferrer noopener\">Fraud Prevention 101: How Qgiv Keeps Fraud at Bay. <\/a>Learn key ways Qgiv helps protect you from fraud.&nbsp;<\/li>\n\n\n\n<li><a href=\"https:\/\/www.qgiv.com\/blog\/advanced-fraud-mitigation\/\" target=\"_blank\" rel=\"noreferrer noopener\">Advanced Fraud Mitigation with Qgiv Donation Forms<\/a>. Check out these advanced fraud mitigation tools implemented on Qgic donation forms.&nbsp;<\/li>\n\n\n\n<li><a href=\"https:\/\/www.qgiv.com\/blog\/data-privacy-for-nonprofits-what-to-do-and-what-to-absolutely-stop-doing\/\" target=\"_blank\" rel=\"noreferrer noopener\">Data Privacy for Nonprofits: What to Do (and What to Absolutely Stop Doing). <\/a>Take a look at more tips to keep your data private.&nbsp;<\/li>\n\n\n\n<li><a href=\"https:\/\/bloomerang.co\/webinar\/video-donors-data-privacy-security-and-doing-whats-right\/\" target=\"_blank\" rel=\"noreferrer noopener\">Donors, Data Privacy &amp; Security, and Doing What\u2019s \u201cRight\u201d &#8211; Bloomerang<\/a>. Learn more information on keeping your donors\u2019 information secure.&nbsp;<\/li>\n<\/ul>\n\n\n<div class=\"hs-cta-embed hs-cta-simple-placeholder hs-cta-embed-162047699091\"\n  style=\"max-width:100%; max-height:100%; width:715px;height:230px\" data-hubspot-wrapper-cta-id=\"162047699091\"><br \/>\n  <a href=\"https:\/\/cta-service-cms2.hubspot.com\/web-interactives\/public\/v1\/track\/redirect?encryptedPayload=AVxigLINplnS4kmu%2FoHjJmivAyUP%2F3gGcgGz7sAop9btbGjWNSDh7KGnpFRr49NvjSOOLEgx8ximvp9gvqH7tMYJLKqS3szgrqLLf0%2Fs4%2BvsIv7fkB5lEcVLkUAo5y9dcap2SMiLsqmvrcqgemouEGUAQd3JohhyL5j6czSaRhEY8CNHGQiMnkGw%2FA8%3D&#038;webInteractiveContentId=162047699091&#038;portalId=8356283\" target=\"_blank\" rel=\"noopener\" crossorigin=\"anonymous\"><br \/>\n    <img decoding=\"async\" alt=\"Increase online fundraising with Qgiv! Request a Demo\" loading=\"lazy\" src=\"https:\/\/no-cache.hubspot.com\/cta\/default\/8356283\/interactive-162047699091.png\" style=\"height: 100%; width: 100%; object-fit: fill\"\n      onerror=\"this.style.display='none'\" \/><br \/>\n  <\/a>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>As technology advances, the fundraising landscape becomes more and more focused on digital solutions to reach wider audiences. However, these convenient fundraising options come with a risk many in the nonprofit world aren\u2019t very familiar with\u2014cybersecurity. The importance of cybersecurity for nonprofits can\u2019t be overstated, and your organization is not immune to the constantly evolving [&hellip;]<\/p>\n","protected":false},"author":50,"featured_media":37100,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[271,265,261,273],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Safeguarding Good: Cybersecurity for Nonprofits 101 - Fundraising Blog for Nonprofit, Educational, and Faith-Based Organizations<\/title>\n<meta name=\"description\" content=\"Keeping your data private can be tough with how quickly technology evolves! This guide to cybersecurity for nonprofits will help keep your information secure.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Safeguarding Good: Cybersecurity for Nonprofits 101 - Fundraising Blog for Nonprofit, Educational, and Faith-Based Organizations\" \/>\n<meta property=\"og:description\" content=\"Keeping your data private can be tough with how quickly technology evolves! This guide to cybersecurity for nonprofits will help keep your information secure.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/\" \/>\n<meta property=\"og:site_name\" content=\"Fundraising Blog for Nonprofit, Educational, and Faith-Based Organizations\" \/>\n<meta property=\"article:published_time\" content=\"2024-02-06T16:17:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-03T16:51:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/person-coding-on-laptop.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"853\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Megan Allison\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Megan Allison\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/\"},\"author\":{\"name\":\"Megan Allison\",\"@id\":\"https:\/\/www.qgiv.com\/blog\/#\/schema\/person\/194dab067187a115560cb6beb0fa36f9\"},\"headline\":\"Safeguarding Good: Cybersecurity for Nonprofits 101\",\"datePublished\":\"2024-02-06T16:17:25+00:00\",\"dateModified\":\"2024-07-03T16:51:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/\"},\"wordCount\":2260,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.qgiv.com\/blog\/#organization\"},\"articleSection\":[\"Fundraising practices\",\"Nonprofit management\",\"Nonprofit strategies\",\"Virtual fundraising\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/\",\"url\":\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/\",\"name\":\"Safeguarding Good: Cybersecurity for Nonprofits 101 - Fundraising Blog for Nonprofit, Educational, and Faith-Based Organizations\",\"isPartOf\":{\"@id\":\"https:\/\/www.qgiv.com\/blog\/#website\"},\"datePublished\":\"2024-02-06T16:17:25+00:00\",\"dateModified\":\"2024-07-03T16:51:23+00:00\",\"description\":\"Keeping your data private can be tough with how quickly technology evolves! This guide to cybersecurity for nonprofits will help keep your information secure.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.qgiv.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Fundraising practices\",\"item\":\"https:\/\/www.qgiv.com\/blog\/category\/fundraising-practices\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Safeguarding Good: Cybersecurity for Nonprofits 101\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.qgiv.com\/blog\/#website\",\"url\":\"https:\/\/www.qgiv.com\/blog\/\",\"name\":\"Fundraising Blog for Nonprofit, Educational, and Faith-Based Organizations\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.qgiv.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.qgiv.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.qgiv.com\/blog\/#organization\",\"name\":\"Bloomerang Fundraising, formerly Qgiv\",\"url\":\"https:\/\/www.qgiv.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.qgiv.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2025\/09\/Bloomerang-Product-Lockup-Pos-Fundraising-Digital.png\",\"contentUrl\":\"https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2025\/09\/Bloomerang-Product-Lockup-Pos-Fundraising-Digital.png\",\"width\":1425,\"height\":515,\"caption\":\"Bloomerang Fundraising, formerly Qgiv\"},\"image\":{\"@id\":\"https:\/\/www.qgiv.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.qgiv.com\/blog\/#\/schema\/person\/194dab067187a115560cb6beb0fa36f9\",\"name\":\"Megan Allison\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.qgiv.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/6addd4091eea91055483b364215042c4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/6addd4091eea91055483b364215042c4?s=96&d=mm&r=g\",\"caption\":\"Megan Allison\"},\"description\":\"Megan is a writer at Bloomerang who takes pride in helping nonprofits. In her freetime, she enjoys reading, music, and playing with her two cats.\",\"url\":\"https:\/\/www.qgiv.com\/blog\/author\/megan-allison\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Safeguarding Good: Cybersecurity for Nonprofits 101 - Fundraising Blog for Nonprofit, Educational, and Faith-Based Organizations","description":"Keeping your data private can be tough with how quickly technology evolves! This guide to cybersecurity for nonprofits will help keep your information secure.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/","og_locale":"en_US","og_type":"article","og_title":"Safeguarding Good: Cybersecurity for Nonprofits 101 - Fundraising Blog for Nonprofit, Educational, and Faith-Based Organizations","og_description":"Keeping your data private can be tough with how quickly technology evolves! This guide to cybersecurity for nonprofits will help keep your information secure.","og_url":"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/","og_site_name":"Fundraising Blog for Nonprofit, Educational, and Faith-Based Organizations","article_published_time":"2024-02-06T16:17:25+00:00","article_modified_time":"2024-07-03T16:51:23+00:00","og_image":[{"width":1280,"height":853,"url":"https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2024\/01\/person-coding-on-laptop.jpg","type":"image\/jpeg"}],"author":"Megan Allison","twitter_misc":{"Written by":"Megan Allison","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/#article","isPartOf":{"@id":"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/"},"author":{"name":"Megan Allison","@id":"https:\/\/www.qgiv.com\/blog\/#\/schema\/person\/194dab067187a115560cb6beb0fa36f9"},"headline":"Safeguarding Good: Cybersecurity for Nonprofits 101","datePublished":"2024-02-06T16:17:25+00:00","dateModified":"2024-07-03T16:51:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/"},"wordCount":2260,"commentCount":0,"publisher":{"@id":"https:\/\/www.qgiv.com\/blog\/#organization"},"articleSection":["Fundraising practices","Nonprofit management","Nonprofit strategies","Virtual fundraising"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/","url":"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/","name":"Safeguarding Good: Cybersecurity for Nonprofits 101 - Fundraising Blog for Nonprofit, Educational, and Faith-Based Organizations","isPartOf":{"@id":"https:\/\/www.qgiv.com\/blog\/#website"},"datePublished":"2024-02-06T16:17:25+00:00","dateModified":"2024-07-03T16:51:23+00:00","description":"Keeping your data private can be tough with how quickly technology evolves! This guide to cybersecurity for nonprofits will help keep your information secure.","breadcrumb":{"@id":"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.qgiv.com\/blog\/cybersecurity-for-nonprofits\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.qgiv.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Fundraising practices","item":"https:\/\/www.qgiv.com\/blog\/category\/fundraising-practices\/"},{"@type":"ListItem","position":3,"name":"Safeguarding Good: Cybersecurity for Nonprofits 101"}]},{"@type":"WebSite","@id":"https:\/\/www.qgiv.com\/blog\/#website","url":"https:\/\/www.qgiv.com\/blog\/","name":"Fundraising Blog for Nonprofit, Educational, and Faith-Based Organizations","description":"","publisher":{"@id":"https:\/\/www.qgiv.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.qgiv.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.qgiv.com\/blog\/#organization","name":"Bloomerang Fundraising, formerly Qgiv","url":"https:\/\/www.qgiv.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.qgiv.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2025\/09\/Bloomerang-Product-Lockup-Pos-Fundraising-Digital.png","contentUrl":"https:\/\/www.qgiv.com\/blog\/wp-content\/uploads\/2025\/09\/Bloomerang-Product-Lockup-Pos-Fundraising-Digital.png","width":1425,"height":515,"caption":"Bloomerang Fundraising, formerly Qgiv"},"image":{"@id":"https:\/\/www.qgiv.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.qgiv.com\/blog\/#\/schema\/person\/194dab067187a115560cb6beb0fa36f9","name":"Megan Allison","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.qgiv.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/6addd4091eea91055483b364215042c4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6addd4091eea91055483b364215042c4?s=96&d=mm&r=g","caption":"Megan Allison"},"description":"Megan is a writer at Bloomerang who takes pride in helping nonprofits. In her freetime, she enjoys reading, music, and playing with her two cats.","url":"https:\/\/www.qgiv.com\/blog\/author\/megan-allison\/"}]}},"_links":{"self":[{"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/posts\/37097"}],"collection":[{"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/users\/50"}],"replies":[{"embeddable":true,"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/comments?post=37097"}],"version-history":[{"count":6,"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/posts\/37097\/revisions"}],"predecessor-version":[{"id":38045,"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/posts\/37097\/revisions\/38045"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/media\/37100"}],"wp:attachment":[{"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/media?parent=37097"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/categories?post=37097"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.qgiv.com\/blog\/wp-json\/wp\/v2\/tags?post=37097"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}