Safeguarding your nonprofit’s information plays a critical role in risk management, and, fulfilling your board’s primary functions of governance and oversight. Data theft can damage your NFP’s reputation, and can also affect your fundraising efforts and weaken other forms of support for your nonprofit.

Train Your People on What Makes a Great Password

Hold a seminar or other training with your people to teach them how to create a strong password for each of their devices and accounts. The best passwords use a combination of letters, symbols and numbers, and avoid including personally identifying information and commonly used words. Stress the importance of creating unique passwords each time one is needed.

Create a formal policy on password creation and usage, and ensure all new staff members and volunteers using computers and other devices sign it.

There’s Risk, but Consider Using a Password Manager

Google and other browsers have a feature that allows users to save their username and password. However, users should understand that there is always a risk that you could download a virus or other malicious code that records keystrokes, compromising the security of the passwords stored on the device or profile.

Don’t Make it Personal but Do Make it Easy to Remember

Avoid using words, numbers and phrases that are personally meaningful to you, as it could make it easier for someone to guess your password. Consider using mnemonics techniques to make your passwords easier to recall. For example, you could decide on a passphrase and replace some letters with numbers and symbols to deliberately misspell it. You could also take the first letter of each word of a phrase that you can remember to create a password you can recall.

Use Multiple Forms of Authentication

Consider adding an extra layer of security to log in to an application or device in addition to the password. Biometric information, such as scanning your fingerprint or allowing the device to “read” your face and confirm your identity, can make your system more secure than simply just logging in with a password.

There are also devices that can connect to your laptop via the USB port, that will generate a random code that you would enter after your password to provide an additional layer of authentication.

Update User Access After Personnel Changes

Whenever you experience a change in your team members, take the time to update their access and online clearances. This way, they can no longer log into programs and applications that they should not have access to when their role changes.

Extra Security Tips

Read our article “Managing Your Digital Data and Social Media” for more strategies on how to protect your passwords and other critical NFP information.