Most Charities One Hack Short of a Fraud Policy

A survey undertaken by the Fraud Advisory Panel has shown that even though half of those charities surveyed saw fraud as a major risk, most had not put policies in place to prevent it.

The Fraud Advisory Panel is a charity that works towards raising awareness of the effects of fraud and developing appropriate anti-fraud strategies in conjunction with the government.

Responding to the news, Niroo Rad (pictured), CEO of Advanced Solutions International (ASI), a leading global provider of web-based software for associations and non-profits commented: “Unfortunately, the report highlights that no organisation is exempt from malicious attacks. The Internet has created an invaluable fundraising channel for charities but unless sufficient steps are taken, it can also provide a backdoor to hackers and fraudsters."

"As charities transfer greater amounts of information online to speed up and automate the fundraising process, they open the door to more and more security threats. In addition to this, the majority of not-for-profit organisations also rely on a multitude of volunteers, making it difficult to enforce a tight security structure and ensure that security policies are adhered to. Worryingly, the end result might go beyond stolen details and funds and could actually have legal and financial implications if regulations such as the Data Protection Act are breached."

"What’s needed is a shift in perception. Charities are not immune to fraudsters and many are sitting ducks due to a lack of investment in IT. IT investment might not be at the top of many not-for-profit organisations’ agendas, but at the moment it can help to bring long-term benefits to working practices and secure donations."

"The bottom-line is that charities need to become as sophisticated as the hackers when it comes to IT and use a system that gives them detailed information on which employee logged on last and what changes they made to the system. This can make understanding and solving a threat a much easier task. They should also undertake an immediate audit of the number of databases they have and the information they contain as well as finding out who has access to these systems and why. Systems often grow over time but the records of who is using the data and why are rarely updated. Finally, review the security controls for each database and identify where there are any vulnerabilities where hackers might get in."

"When it comes to hacking, prevention is better than cure so now is the time for charities to take action to protect their information and their donors’ generosity.”

Fraud Advisory Panel

ASI Europe