Charities risk IT security breaches without a BYOD policy
According to a new whitepaper commissioned by Advanced and conducted by PwC, charities are vulnerable to IT security risks and reputational damage without a formal Bring Your Own Device (BYOD) policy in place.
According to the 2014 Information Security Breaches Report, commissioned by accounting and business software provider Advanced and conducted by PricewaterhouseCoopers (PwC), charities are vulnerable to IT security risks and reputational damage without a formal Bring Your Own Device (BYOD) policy in place.
The paper advises charities to educate key stakeholders about the safe use of mobile devices and investigate the technical measures they can take to safeguard their data and networks.
The growth of mobile has allowed many organisations to let their employees and volunteers use their own portable devices such as smartphones, tablets and personal digital assistants (PDAs) for work purposes to connect with their supporters.
The report has highlighted that the cost of information security breaches has almost doubled in the last year. For small organisations, the worst breaches cost on average between £65,000 and £115,000 and for large organisations between £600,000 and £1.15 million.
Greg Ford, Managing Director of Advanced Exchequer, says: “Protecting corporate data from intrusion, misuse or abuse is a high priority for any organisation. For charities and not-for-profits storing highly confidential donor and beneficiary data, security is absolutely imperative. While it is tempting for charitable organisations to allow staff and volunteers to use their personal devices to save costs and drive donations without a formal and explicit policy on BYOD, they run the risk of encountering a damaging security breach.”
“As charities continue to wrestle with limited budgets and greater demands from staff to use their own devices, now is the time for them to think seriously about BYOD and data security. By creating a consistent and coherent BYOD strategy, organisations can mitigate the threat of security vulnerabilities and empower employees and volunteers to use mobile technologies to help generate vital funds, without placing donor relationships at risk.”