Member Article

Charities risk data security breaches without a formal BYOD policy in place, warns Advanced

Charities and not-for-profit (NFP) organisations are vulnerable to IT security risks and reputational damage without a formal Bring Your Own Device (BYOD) policy in place. This is according to a new white paper commissioned by accounting and business software provider, Advanced Exchequer (Advanced).

Charitable organisations should educate key stakeholders about the safe use of mobile devices and investigate the technical measures they can take to safeguard their data and networks, the paper advises.

Charities and NFPs have been quick to exploit the potential of mobile technology as an effective fundraising solution to make their limited funds stretch further. This has led to an increasing number of organisations allowing their employees and volunteers to use their own portable devices such as smartphones, tablets and personal digital assistants (PDAs) for work purposes to connect with their supporters and target audiences.

However research conducted by PricewaterhouseCoopers (PwC)* for the 2014 Information Security Breaches Report has highlighted that the cost of information security breaches has almost doubled in the last year. For small organisations, the worst breaches cost on average between £65,000 and £115,000 and for large organisations between £600,000 and £1.15 million.

PwC’s survey of 9,600 senior executives from organisations across 115 countries also revealed that just over half (51 per cent) of the worst breaches were caused by human error (31 per cent) and deliberate misuse of systems by staff (20 per cent).

Greg Ford, Managing Director of Advanced Exchequer, says, “Protecting corporate data from intrusion, misuse or abuse is a high priority for any organisation. For charities and not-for-profits storing highly confidential donor and beneficiary data, security is absolutely imperative.

“While it is tempting for charitable organisations to allow staff and volunteers to use their personal devices to save costs and drive donations without a formal and explicit policy on BYOD, they run the risk of encountering a damaging security breach.”

To avoid being exposed, organisations should create a BYOD policy which is communicated regularly to staff, trustees, volunteers and partners describing the data that may be processed on personal devices and best practice security procedures. The BYOD policy should also explain clearly what measures will be taken if a personal device is compromised or lost, such as automatically wiping data and/or denying access to network systems, to prevent sensitive information from falling into the wrong hands.

In addition, charities should further reinforce their IT infrastructure to safeguard the transmission of data to and from mobile devices across multiple platforms. Personal devices should be checked for compliance and sufficiently resilient to withstand their operating environment.

Ford comments, “As charities continue to wrestle with limited budgets and greater demands from staff to use their own devices, now is the time for them to think seriously about BYOD and data security. By creating a consistent and coherent BYOD strategy, organisations can mitigate the threat of security vulnerabilities and empower employees and volunteers to use mobile technologies to help generate vital funds, without placing donor relationships at risk.”

Advanced Exchequer is continually developing its solutions to meet the increasing demand for mobile technology. The software provider recently enhanced its product suite with the launch of eXchequer 365, a new app designed to provide organisations with remote access to key information via the Exchequer finance system using smartphones.

Exchequer has a variety of NFP customers, including: The Kings Fund, Action for Kids and The National Society for Epilepsy. To access the white paper “Why every charity and not-for-profit needs a BYOD strategy”, click http://www.exchequer.com/resource-centre/guides—whitepapers/bring-your-own-device-strategy.aspx

-ENDS-

Notes to Editor

*Research taken from the 2014 Information Security Breaches Report conducted by PricewaterhouseCoopers for the Department for Business Information and Skills (BIS).

About Advanced Exchequer www.exchequer.com Exchequer’s multi-award-winning, fully integrated accounting and business software helps organisations improve the way they manage and operate their business, delivering significant time and cost savings by automating everyday tasks. Flexible and easy to use, with powerful functionality built-in throughout, Exchequer supports all aspects of your organisation providing unrivalled analysis, exceptional management reporting and productivity enhancing tools. Exchequer improves customers’ productivity by 47%.

Award successes include ‘Financial Software Provider of the Year’ in the Real Finance/CBI FDs’ Excellence Awards, winning more times than any other software provider, ‘Best rated accounting product catering for businesses in the medium range’ in an authoritative survey by the ICAEW, and 100% user recommendation by Charity Finance for three years running.

Exchequer is part of Advanced Business Solutions, a division of Advanced Computer Software Group plc.

Press contacts Angela Mycock and Ben Carey pr@advancedcomputersoftware.com 01625 856513

This was posted in Bdaily's Members' News section by Advanced .