What cyber security tools do small charities need?

Small charities make tempting and potentially easy targets for digital fraudsters, extortionists and other cyber criminals, and that’s because they often lack the resources that larger charities and businesses can devote to cyber security.

 

The good news for small charities is that there are a large number of cyber security tools that can reduce the risk of a successful cyber attack considerably, and many of these are available free or for a very small cost. Despite this, 44% of all charities don’t protect themselves with the right cyber security tools, as they don’t believe they are at risk.

 

Understanding the risks is vital for small charities, and many of these are outlined in the National Cyber Security Centre’s ’Cyber Security: Small Charity Guide.’ The most significant security threats are outlined below, along with the cyber security tools which can be used to provide security against these threats:

 

 

Tools to fight ransomware:

 

Ransomware is a type of malware which encrypts the digital data stored on a computer so that it can no longer be used, and then demands a ransom to restore the data to a usable form. A ransomware attack can be devastating to a charity, potentially putting a stop to its fundraising and other activities.

 

 

Backup software

 

By backing up data regularly, small charities can ensure that they have an unencrypted copy of their data if they fall victim to a ransomware attack. Google’s free Backup and Sync tool backs up data to the cloud, and backup software is also available from many security vendors such as Norton and McAfee

 

 

Anti-ransomware software

 

Many security software vendors offer products which detect when large numbers of files are being encrypted on a computer and stop this activity automatically. Examples include Check Point ZoneAlarm Anti-Ransomware and Acronis Ransomware Protection

 

 

Tools to keep software up to date

 

When cyber-criminals find digital flaws in an operating system such as Windows, or in specific applications such as Word or Photoshop, they can often use these flaws to launch cyber-attacks on organisations such as small charities which may be using this software - until the flaws are fixed in a software update. That’s why it is vitally important that small charities keep their software up to date by installing updates as soon as they are available. It’s also good security practice to set the operating system and other software to update automatically or "check for updates when starting" whenever possible.

 

 

Software updaters

 

Software updater programs can take an inventory of all the software running on a computer and check for any updates that are available. Some will also download and run any available updates automatically or with a single mouse click. Examples include IObit Software Updater, FileHippo App Manager, Avira Software Updater, and Thor.

 

 

Tools to improve password security

 

Many cyber attacks succeed because organisations use short or easily guessable passwords to protect their systems. Secure passwords are ones which are made up of a random mix of at least 12 upper and lower case letters and symbols such as ! and &.

 

The problem for computer users is that secure passwords are hard to remember, so the temptation is to use something simple like "monkey123" or "pa33word".

 

 

Password managers

 

Password managers store secure passwords and enters them automatically once it has been activated with a master password. This means that a user only has to remember one password rather than many. Password managers also provide protection against some phishing attacks, because they do not enter passwords at fraudulent sites. Good password managers include LastPass, 1Password, and Dashlane

 

 

 

Tools to secure lost mobile devices

 

Smartphones and other mobile devices present a significant security risk for small charities if they get lost or stolen because they frequently contain valuable information, they may be used to access charity databases, and they may be needed to log in to accounts which require users to enter a code which is sent by text to the device.

 

 

Mobile device management software

 

Find My Device and Find My (formerly Find My iPhone) are two free mobile device management tools for Android and Apple devices respectively which allow users to remotely lock a lost or stolen phone, or even to delete all the information stored on it.

 

The device may still be at risk until the remote commands are issued, so it is important that mobile device users activate their devices’ automatic lock feature. This will prevent anyone finding a smartphone from accessing it without first providing a PIN, password, fingerprint, or facial recognition image.