At CharityComms, we’re all about empowering our members to do incredible work and sharing knowledge that helps them do that.
We want you to feel confident and secure in how you engage with us and others. Awareness is the most powerful tool we have against cyber threats.
Five essential points for cyber security
1. The phishing check: stop, look, verify
Phishing is one of the biggest threats to charities. Scammers can impersonate people in an attempt to steal data or launch ransomware attacks.
- Be cautious: If an email, text or call claims to be from us and asks you to urgently click a link, share passwords or update sensitive banking details, stop.
- Trust your instincts: If it feels rushed or unusual, don’t click. Instead, use a known, trusted email to contact us and verify the request. Do not reply or use the contact details provided in the suspicious message.
2. Protecting your log-in: strong passwords
Protecting your access to our member services is crucial. Some of our services require an account and login for you to use them like our mentoring scheme. Simple passwords can put your accounts at risk.
- Go big on passwords: Use a long, unique and complex phrase for any member accounts; this should ideally include a combination of letters, numbers and symbols. A password manager can help you keep track of them all securely.
3. Update your software
Software updates aren’t just about new features, they’re critical for security patches.
- Keep devices current: Make sure the computers and phones you use to connect with us are running the latest operating system and application updates. It’s the easiest way to close security gaps that criminals might exploit.
- Layer your defense: Check that your devices also have up-to-date anti-virus or anti-malware software running to catch anything new that sneaks past the updates.
- Speak to the experts: Talk to your IT team or consultants to make sure you have the right set-up for your work devices.
4. When we share data
We only share data for these reasons:
- Delegate lists are shared with event attendees, with express mention they cannot be used for promotional purposes. This list only includes names, job titles and organisations and does not include any contact information. You can opt-out of being included on this list when signing up for an event.
- As a small charity, we sometimes work with consultants and suppliers to deliver our work. They are trusted suppliers contracted to protect any data under the law. We never give them access to data they do not need.
With your permission, we will publicly share details about you for your promotion, like in our supplier and freelancer directories, your author bio or event speaker profile. This should all be information that you would be comfortable sharing in public forums for commissioning or networking. We will check with you first what information you want to share on our website.
It’s important to note that any information that is publicly available could be used by scammers for phishing attempts.
- Your privacy matters: To understand exactly how we collect, use and protect the information you share with us, please read our full Data Privacy and Policy. You reserve the right to withdraw your data at any time.
- Follow the protocol: Please follow the instructions we give you for accessing, storing or handling information securely.
- Minimise the risk: If you don’t need to download or forward a document with sensitive information on, don’t. The fewer copies there are floating around, the safer the data is.
5. Reporting issues
Cyber security is a shared responsibility. We can work together to ensure cyber threats are reported.
- Talk to us: If you have clicked a suspicious link from someone reporting to be us, think you’ve accidentally shared your login details, or are simply unsure about a request, please tell us. We are more than happy to help you and, where necessary, make sure any cases are reported to the Information Commissioner’s Office for investigation.
Contact us at admin@charitycomms.org.uk.
Resources
- The government guide to protecting charities from cyber-crimes.
- The National Cyber Security Centre advice for small to medium-sized organisations (up to 250 employees).
- The Information Commissioner’s Office offers comprehensive information on relevant guidance on UK GDPR.
- Guidance and tips for improving your cyber security understanding and processes from NCVO.
AI transparency notice: This page was drafted using AI assistance but checked and developed by our staff.