Over the past year, a staggering number of crises – from the global to the intensely personal – have emerged and persisted. When it comes to addressing complex problems and trying to make a difference, nonprofit organizations have been a lifeline to some of the most vulnerable areas.
But because of a global increase in cybercrime, nonprofits themselves are becoming more and more at risk. While this affects many industries and organizations, nonprofits are frequently viewed as being particularly at risk since they do not have the funding to adequately protect the data they require to function, which might affect everyone from donors to program participants to volunteers.
In response, Microsoft is launching the Security Program for Nonprofits – a set of security offerings, built to complement Microsoft’s security suite, to provide proactive monitoring and notification in the case of a nation-state attack, assess organizational and infrastructure risk to help organizations enhance their security posture based on their environment, and streamline security training for IT professionals and end-users. Their objective is to support 10,000 organizations in the first year, with a three-year goal of providing these services to 50,000 organizations worldwide. This includes:
AccountGuard for Nonprofits: The AccountGuard program alerts companies when sophisticated nation-state attackers target or hack their Microsoft 365 organizational accounts, as well as the personal Outlook and Hotmail accounts of staff and board members. 32 new countries have already joined the program, and more than 1,500 threat notifications have been sent out. We are currently providing AccountGuard at no additional cost to any qualified nonprofits. Eligible organizations can learn more and get started by claiming the offering in their nonprofit hub.
Free security assessments: Microsoft is offering free security assessments to nonprofit organizations to help them better understand the vulnerabilities in their existing endpoints, identity access, infrastructure, network and data with the objective of supporting and prioritizing an immediate action and remediation plan to better protect their environment from any imminent risk with support from our partner ecosystem. To sign up for an assessment, talk to your Microsoft account team or sign up here.
Free training pathways for IT administrators and end-users: No matter the function, Microsoft has developed training pathways to streamline the best-suggested trainings for nonprofits. Today, workers from all backgrounds can learn the most recent techniques for staying safe from online threats and scams and working more safely from home. IT administrators have access to the Security Skilling Hub and Microsoft 365 Administrator’s Security Toolkit, all available through the Security Program for Nonprofits page.
Microsoft’s 2021 Digital Defense Report confirms that in the past year, cybercrime has become more sophisticated and widespread, taking advantage of vulnerable prey by capitalizing on crises. The research notes that, in the previous year, NGOs and think tanks accounted for 31% of all reports of nation-state assaults against organizational domains as detected by Microsoft, making them the second most targeted sector by hackers. Because they frequently hold sensitive data, these institutions make desirable targets for nation-state actors. Additionally, according to the 2021 Cybersecurity Guide for Nonprofit Organizations, a thorough vulnerability assessment is missing from up to 70% of charity networks, despite the fact that hackers attempt to access government and nonprofit databases every 39 seconds.
Organizations like Catholic Relief Services have first-hand knowledge of the risk and expense of cyber attacks. The international humanitarian nonprofit offers assistance to 130 million people in more than 110 nations, aiding in the distribution of vaccines, and relief efforts in Haiti and areas hit by Tropical Storm Elsa.
Catholic Relief Services discovered in 2017 that it was susceptible to a hack as a result of an incident in Central Africa that revealed people's financial, geographic, and personal information. Then, earlier this year, nonprofits worldwide were hit by the Nobelium email-based attack. Despite the fact that Catholic Relief Services was not specifically targeted, Joel Urbanowicz, the organization's director of digital workplace services, described both incidents as wake-up calls that motivated them to increase their investment in cybersecurity and collaborate with Microsoft on a unified, pre-integrated solution. With the implementation of multi-factor authentication, cloud app security, and other measures, they have significantly improved their security posture overall. However, Urbanowicz agrees that the problem is always changing and is difficult for any group to address, particularly with limited resources.
Catholic Relief Services welcomes the new cybersecurity offerings. “It is important for us to understand where we possibly could do better,” says Urbanowicz. “Yes, it’s daunting and there is a lot to do when addressing cybersecurity, but it’s necessary. The best way to approach this is to start with one thing, get good at it and then move on to the next.”
It’s up to all of us to support nonprofits as they work on the front lines of need around the world. Volunteers, partners, donors, and employees continue to accomplish great things in the face of great need.
We continue to stand with nonprofits so they can focus on accomplishing their missions without compromising organizational security.
For more information:
Learn more at Microsoft’s Security Program for Nonprofits page
Read their newly-published e-book Strengthen your Nonprofit’s Digital Security: Protect your Data and Build Trust
Learn more about Catholic Relief Services
If your organization is considering using Microsoft 365, contact RCS Professional Services. As a Microsoft Gold Partner, we provide premier pricing and support on Microsoft products and licensing. You can also visit our youtube channel for Microsoft Teams Training.