This is the sixth in a series of articles addressing top technology challenges facing nonprofit organizations. If you have a suggested topic, please email us, and we will try to address that topic in an upcoming article!
While we’ve all seen the security breach headlines of financial institutions, grocery stores, Target, and Sony, the latest Democratic National Committee email breach sent shockwaves through the nonprofit world as organizations quickly realized they too might be targeted.
Even while understanding its importance, our customers often struggle with developing, updating, and enforcing IT management and security policies that protect their critical information. When developing a comprehensive IT Management and Security Policy, be sure that it is easy for staff to understand and follow – finding the balance between policies and procedures that support physical and virtual security while ensuring employees have access to the data when and where they need it to stay productive is key.
Training organizational leaders and staff is also critical; if they understand the serious organizational consequences of a data security breaches and how to avoid them, they will be more engaged in following security protocols. We also recommend using solutions, such as password managers, that help automate security functions. And finally, plan to review and update your IT policies annually to ensure they keep pace with the ever changing changing technology.
In order to protect the privacy, accuracy, security and integrity of your data, we recommend developing a comprehensive IT Management and Security Policy that includes the following:
· Acceptable Use
· Social Media
· Media Access / Portable Storage
· Mobile Devices
· Password Security
· Laptop Security
· Administrative Rights
· Remote Access
· Network Data
For more information about data security policies and practices, download Sinu's free IT Policy & Security Starter Kit including sample IT policies, security guidelines and other tools that your organization can use as a starting point when managing your IT. Sinu has experience working with nonprofits in a number of industries to develop appropriate IT policies and procedures to ensure regulatory compliance and data security, so please contact us if you have any questions. Sinu also has policy templates incorporated into your IT customer portal to relieve you of most of the heavy lifting – contact your relationship manager for more information.