4 Reasons Nonprofits Need to Exercise Extreme Caution When Storing Files in the Cloud
Non-profit organizations need to exercise caution when storing files in the cloud. Not because the cloud is inherently insecure, but because the end user is responsible for implementing the majority of cloud storage security measures. If you don’t know how to secure your cloud environment, your stored data could be susceptible to cyberattacks.
As a non-profit, you’ve probably got plenty of personal information, including financial data and even credit card information from your sponsors and donors. If you don’t secure your files in the cloud, you’re putting your partners and sponsors at risk.
The consequences of lax cybersecurity are immense, but for a non-profit, those consequences can be exceptionally damaging. If you run or are in charge of managing data for a non-profit organization, here’s why you need strong cybersecurity measures in place.
1. The wrong security configuration settings can make your files vulnerable
Most cloud storage platforms make end-user security easy, but you still need to know how to manage your settings. Some platforms make that easier than others. For example, Box is the preferred cloud storage provider for non-profits because the security settings are easy to implement. You can lock down your entire account or set individual permissions for files and folders. For example, file permissions can be set to allow sharing but not allow downloading.
The problem is, even the world’s most secure cloud server can be breached because of a small mistake. For instance, someone might accidentally fall for a phishing scam and give out their login credentials. Or the cloud storage environment might be left wide open to the public when it should have been locked down.
It’s easier than you think to make a grave mistake that leaves you wide open to hackers. User errors, like misconfigured security settings, cause 90% of all data breaches. So, while file storage platforms are secure, the extent of that security depends on how you configure your account.
Knowing what security settings need to be set is the key to securing any file storage platform. You can’t afford to make mistakes that could expose sensitive data to the world. Your best bet is to hire an IT security specialist to ensure your file storage accounts are as secure as possible.
2. Hackers are constantly looking for vulnerabilities to exploit
While the public tends to view all data breaches as malicious hacks executed by tech-savvy hackers, the majority of data breaches are simply vulnerability exploits. Cybercriminals are tech-savvy, but thanks to user error, they don’t usually have to try hard to breach a network.
Every organization is susceptible to cyberattacks, but some are more vulnerable than others. Vulnerability comes from a lack of security, but also inherent flaws in software. For example, anytime a vulnerability is discovered, software developers normally publish a patch for end users to install. Hackers will find instances of unpatched software and exploit the known vulnerabilities.
If you’re using a random web server to store files in the cloud with outdated software, you can almost guarantee your files will get hacked.
3. Hacked data is often used for identity theft
Most hackers target organizations they believe have personal information that can be used for identity theft. That’s why healthcare organizations get hacked frequently.
In May 2021, the McKinley Christian Health Care non-profit organization reported a data breach that happened in the beginning of the year. The breach exposed data from 200,000 patients and employees, including Social Security numbers, driver’s license numbers, and passports. That’s more than enough information to use for identity theft.
4. A data breach could cut you off from donations
If a data breach exposes donor financial data, people will think twice before donating to your organization. Unfortunately, this situation happens all too often. For example, in 2015, the Utah Food Bank’s website database was hacked, exposing financial data belonging to more than 10,000 donors.
After this breach, people were hesitant to donate to the food bank, despite there being a pressing need for donations.
Your cloud security habits can make or break your success
It only takes one data breach incident for consumers to lose trust in a non-profit organization. You’ll probably need to spend some time and money securing all the data you manage, but it’s worth every second and every penny. If your goal is to make a difference for people, you need to start by securing all of the data you handle.