Insights
INSIGHTS
All Topics
Cyber security products every charity needs
22 Apr 2021by Paul Rubens
We look at cyber security software that charities can use immediately
Your charity faces the threat of a cyber attack every minute of every day. It’s a sobering thought, but the good news is that there is plenty of highly-effective security software out there to protect your organisation from hackers and cyber criminals.
Your charity should make use of the best products available, but it’s important to understand that the best security software for one charity may not be the best for another. Cost may be an important factor for one charity, ease of use for another, implementation for yet another.
With that in mind, here are the security software categories that every charity needs to consider, along with some examples of top products in each category that may be suitable for your charity’s particular requirements.
Endpoint security software
Your charity should be running an endpoint security product on all desktop and laptop computers used by staff members in the office or working from home, to provide protection against viruses, ransomware, and other malware.
Most endpoint security products also provide extra security features such as intrusion detection, an enhanced firewall, encryption, password management, and blacklisting of websites which are known to be malicious.
Many endpoint security software vendors offer free versions of products that offer good basic protection. But the paid-for versions offer a higher level of protection, as well as features such as centralised management that are useful for larger organisations.
Endpoint security products to consider include:
- Avast Business Antivirus
- Avast Free
- Bitdefender GravityZone Business Security
- Norton Small Business
- Kaspersky Total Security
Password manager
Passwords are one of the main ways that charity staff ‘authenticate’ themselves, meaning prove that they are who say they are and that they have a right to access a particular application or online service when they log in.
To make password authentication as secure as possible, staff need to use a different password for each application or service. Staff should also choose passwords which are at least thirteen characters long and difficult to guess. Ideally they should be a random string of upper and lower case letters, numbers, and special characters such as ‘!’ or ‘&’.
Since remembering a number of such passwords is practically impossible, your charity should ensure staff are using a password manager that stores passwords securely in encrypted form and enters them automatically.
Since password managers are not fooled by fake websites set up by cyber criminals, these security tools also offer a degree of protection against phishing attacks.
Products to consider include:
Second factor authenticator
Password security can be beefed up significantly by using two factor authentication (2FA). This involves supplying something else in addition to a password when signing in to an account. This something may be a code generated by an authenticator app running on a mobile phone or sent to the phone by SMS, or some form of biometric such as a fingerprint or face scan, often captured by a mobile phone’s camera or other sensors.
The most common form of 2FA is an SMS code, but an authenticator app is more secure.
Authenticator apps to consider include:
Software updater
Many successful cyber attacks occur because organisations fail to update their software to fix security issues which are discovered and exploited by cyber criminals. So ensuring that software is updated as quickly as possible after an update is release should be a priority for every charity.
Since it is hard to keep track of the updates, charities should use a software updater product which inventories every application installed on a particular computer and either alerts the user when any updates are released, or updates the software automatically.
Software updaters to consider include:
Related Articles
Encrypted USB drives
Confidential data is at risk whenever a USB drive is used to move it from one computer to another – perhaps when a staff member moves data from their office computer to their home computer so that they can work remotely.
To ensure that this data is kept secure even if the USB drive is lost or stolen while in transit, it’s a good idea to use a secure USB drive which automatically encrypts the data so that it can only be viewed after a password is supplied.
Encrypted USB drives to consider include:
Hard drive encryption
Laptop computers can also get lost or stolen while travelling between home and charity offices, and both laptop and desktop machines can be stolen from either place. So it’s also a good idea to encrypt any data on their storage drives to keep it out of the hands of cyber criminals. There are a number of ways to encrypt data, including:
- Using a self-encrypting internal or external drive such as the iStorage Diskashur
- Using the encryption software included in some endpoint security software
- Using the encryption software included in some versions of some operating systems (such as the BitLocker encryption product included with versions of Windows 10 excluding Windows 10 Home
- Using a third party encryption management product such as Eset Endpoint Encryption Pro, McAfee Complete Data Protection, or Sophos Central Device Encryption
VPN connection
Whenever a charity staff member is using a public Wi-Fi connection, such as when they are at a coffee shop or airport, they should use a VPN connection. This encrypts and data as it travels over the public Wi-Fi connection to ensure that it cannot be eavesdropped on by a hacker.
VPN services to consider include:
Staff members working remotely should also use a remote access VPN when connecting to their charity office computer systems. This usually involves a VPN program (the most commonly used is Cisco AnyConnect) that is designed to connect to a hardware device at your charity’s office.
This could be a standalone VPN appliance or, more commonly, the charity’s main network router or security appliance.
More on this topic
Recommended Products
Featured Products
Our Events
Digital Fundraising Summit 2024
For the sixth year in a row, we're bringing back an action-packed event filled with Digital Fundraising insights from the charity and tech sectors. Join us on 7th October 2024 for a free, one-day online event featuring informative webinars and interactive workshops.
© 2022 Charity Digital Trust. All rights reserved
We use cookies so we can provide you with the best online experience. By continuing to browse this site you are agreeing to our use of cookies. Click on the banner to find out more.
