While running your nonprofit organization, you want to prioritize making an impact and changing the world. The last thing you want to have to worry about is a data security breach or hearing your website was hacked.
A site that hasn't been secured can put all of your linked data at risk—meaning:
- Your organization’s information
- The data of your donors and volunteers
- Anything else that’s on or integrated with your site
It’s your responsibility to protect everyone’s data, and it’s also a potential legal issue. Without a secure site, you could be at risk of violating the EU's GDPR (General Data Protection Regulation) or the CCPA (California Consumer Privacy Act).
Let’s reduce the security risks of your website. These 4 tips below will help you make sure your site is compliant and secure.
1. Your Nonprofit Site Needs an SSL Certificate
Do you notice how some sites have a padlock icon next to the URL and others don’t? Or how some URLs are “http” and others are “https”? This has to do with the level of security via an SSL Certificate.
These SSL Certificates are a big part of internet security. SSL (Secure Sockets Layer) Certificates encrypt the connection between your supporters’ computer and your website or server. This certificate will help protect sensitive data while it’s sent over the web, such as credit card information, that is exchanged when a person is interacting with your organization’s site.
As a bonus, Google and other search engines prioritize your website in search results when you use an SSL Certificate.
Let’s Encrypt is a free service that provides security certificates. Your website developer can help you set this up!
2. Protect Data on the Front End and Back End
There are two ends of your website’s experience that need to be protected: the server or administration side, and the website side that’s visible to the public. These make up the back end and front end of your website.
Your site host or developer can set up your server to be secure. This will help prevent hackers from accessing the inner workings of your website and hijacking it to steal information.
On the front end of your website, you can invest in a good firewall to protect it from unauthorized access. A firewall prevents hackers from accessing pages that manage your site, and can also automatically block their IP addresses. There are many types of firewalls, and your developer can help you set this up.
3. Use a Trusted Payment Provider Like PayPal or Stripe
When taking donations, you have to do more than utilize a donor-centric strategy; you also have to make sure your donation process is secure. Use a trusted payment provider or third-party service like PayPal or Stripe that can integrate into your site. This method is less complicated than making sure your donation forms are PCI-compliant, and is less expensive, too. Also, people are more likely to make a gift if they see you’re using a secure donation form.
This compliant process combined with the SSL Certificate mentioned in the first tip will create a protected environment so your donors can contribute safely to your nonprofit.
4. Build Your Site with Updated Software
One of the biggest reasons websites aren’t secure is because they’re not using software that’s up-to-date. Your site needs to be created with current software, otherwise it’s vulnerable to being hacked.
You and your developer can work together to ensure the chosen CMS (Content Management System) uses the latest version. Any plugins or third party apps added to your site also need to be recently updated.
In the next two blog posts, we will explore user privacy for your website visitors as well as give you practical tips on how to make sure all of these security measures you’ve put in place don’t go to waste. Make sure to subscribe to our newsletter below so you don’t miss out on this important blog post series!
