People often talk about trust on the Internet. Reports of data theft, corruption of data and distributed denial of service (DDoS) attacks are commonplace. As an organization begins to use the Internet for its activities, it needs to practice safe computing, information management and communications.
An NGO or non-profit organization needs not only to protect their own networks and operations, but it also needs to safeguard to a reasonable extent any who accesses them over the Internet.
In deciding on safeguards, each organization will need to evaluate its own risks and vulnerabilities (create a “threat model”) and decide on the security measures it needs to implement, ranging from basic virus and malware checking, privacy concerns, data encryption, to a engaging in anonymous operations. Not all not-for-profits need the same level of security. Some of the considerations include:
- Do you know the risks that apply to you?
- Do you know where your data is?
- Do you work with endangered populations?
- Do you know what you have done with your users and partners data?
- How are you going to manage all this data?