I recently wrote about the benefits of data as a public relations tool – especially when the IRS Form 990 is available to the public. I would be remiss if I didn’t address the possibility of such data being hacked. “The philanthropy community is still catching up to the digital security needs faced by civil society” says two security experts, whose article is noted below.
The article recommends four steps to take to be AWARE of the risk. They are:
- Commit to digital security as essential to all work. Although digital security work takes resources and energy, it is critical to keep a focus on its importance. Like fiscal responsibility and good governance, digital security needs to be part of strategic planning.
- Take big responsibility for big data. Organizations must take responsibility for stewarding their data seriously, or many people they serve, engaged supporters and institutions may be at risk.
- Prioritize “capacity building”. This means addressing the structural vulnerabilities that make it easy for an online adversary to attack the organization. This includes auditing the specific systems the organization uses to store, share, and process user data. The authors point out that individual training programs are not sufficient, since the ground is always changing. It takes focused, structural change.
- See the shared threat as a call for interdependence. Digital security is a shared responsibility among funders, donors, partners, and our own customers and clients. Organizations need to be realistic about the interdependencies and work together to avoid the risks. But lastly, data security relies on a structural, system-wide focus in the organization to avoid the risk.
 “Tackling Digital Security Across Civil Society”, Josh Levy & Katie Gillum, Stanford Social Innovation Review, April 20, 2018
Author: Adrianne Geiger DuMond, Executive Coaches of Orange County, ECofOC.org