Skip to Content

3 Steps to Making Data Protection a Priority at Your Nonprofit

By Michael Duggan October 12, 2021

Nonprofits are primarily mission-driven organizations. Their success is measured by their impact in the community, and their achievement of the mission set out at their formation. But nonprofits are also business enterprises, built on an underlying model that allows their programs and organizations to operate and succeed. Leaders of nonprofits are constantly being challenged by the need to modernize and keep up with digital innovation while maintaining donor trust. With large and ever-increasing pools of constituent data, nonprofit leaders must take a page from commercial organizations and prepare a different approach to protecting personal data moving forward.

Person working on computer with data protection image overlay
With large and ever-increasing pools of constituent data, nonprofit leaders must take a page from commercial organizations and prepare a different approach to protecting personal data moving forward.

What’s Driving a Greater Need for Data Protection?

The data nonprofits collect on individual donors, corporate contributors, partners, vendors, and charities are critical to their operations. Lost or corrupted data such as names, addresses, credit card details, emails, and phone numbers would not only disrupt operations and create compliance risks, but also cause a major breach of trust among donors.

When it comes to external threats to their data, nonprofits are especially vulnerable as compared to other organizations. Limited budgets, a lack of strong security measures, and legacy data-storage systems all make nonprofits susceptible to malicious cyberattacks. More than 80% of nonprofits don’t even have a strategy to deal with such attacks. Remote work and reduced budgets due to COVID-19 have only magnified these issues.

But while nonprofits should certainly be aware of outside threats to their data, the majority of incidents continue to be caused by innocent errors. According to research firm Gartner, 99% of cloud security failures and resulting data loss will be the customer’s fault through 2025. We see a similar trend within the Salesforce platform. Based on OwnBackup’s 2020 State of Salesforce Data Protection Survey, human error is the leading cause of data loss within the Salesforce ecosystem, making up just under half of all incidents.

Now that you understand why protecting data is so important, here are three actions you can take to make data protection a priority at your nonprofit.

1. Get the Board on Board

Prioritizing data protection at the highest levels of your organization is critical to putting the right solutions in place.

There’s no doubt that the pandemic has changed the perception of technology for many nonprofit leaders. Tech kept these organizations connected to their supporters and allowed them to continue pursuing their missions, despite geographic barriers.

But how do you make sure that your nonprofit continues to invest in technology post-pandemic? One way is to point out the successes of the past year and explain that digital transformation isn’t slowing down.

Additionally, if your board lacks tech expertise, make it a priority to recruit someone who understands the need for data protection — and how to achieve it. Your tech committee might be tasked with creating policies, determining budgets, evaluating software and products such as backup and recovery solutions, and planning how your organization would respond to a cyberattack.

2. Move Data onto a Secure Platform

In their efforts to fundraise effectively, nonprofits collect a plethora of personally identifiable donor data, including payment information, emails, addresses, and more. Unfortunately, many nonprofits either do not have proper systems in place for storing donor data, or have data scattered across multiple systems. A CRM platform like Salesforce can not only deliver an immediate upgrade in security (the platform has 99.999% uptime), but also provide nonprofits with connected experiences across communication channels.

One nonprofit that saw the value in moving to Salesforce is Islamic Relief Worldwide, an international humanitarian organization that responds to humanitarian disasters and tackles poverty in 40 countries around the world.

Mohammed Zabhier, Business Systems Manager at Islamic Relief, uses Salesforce to manage the organization’s Orphan Sponsorship program. He said the platform has been especially valuable in the past year to connect staff, donors, and children.

“By centralizing all of our data in one place, we can truly leverage our global presence,” Zabhier said. “If a donor in the U.S. can no longer sponsor a child, that child can be reallocated to a donor in another country with a few clicks, ensuring continuity of funding.”

Salesforce has also been key to helping Islamic Relief maintain donor trust by making up-to-date data readily available. “The biggest commodity we are trading is trust. Donors want to see they are making an impact and need to see accurate data. That transparency with end users relies on access to data at all times,” said Zabhier.

3. Invest in a Cloud Backup Solution

Aggregating all of your valuable information in a single platform is a critical first step in securing your nonprofit. Protecting all of this information should come next.

Nearly all SaaS applications like Salesforce require shared responsibility for keeping data safe. That means you can count on Salesforce to ensure the security and integrity of the platform, but as a client, you are responsible for the data you put into it and who you allow to access it. Safeguarding essential data and sustaining business continuity requires automated cloud-to-cloud data protection. This modern approach detects and alerts you to data anomalies, safeguards data and metadata with complete data backups, and makes precision repair of data problems effortless.

Islamic Relief’s constituents demanded resiliency in the case of an unforeseen data loss incident. The organization became an OwnBackup customer last year to provide peace of mind that they could recover from such an incident.

“The worst-case scenario would be not being able to access our Salesforce data. So having a backup solution that sits outside of Salesforce allows us to access our data no matter what. With OwnBackup in place, we know we are honoring the responsibility for the children we are helping and the donors we’re supporting.”

Protect Your Mission by Protecting Your Data

Charities win on trust from supporters, and if that trust is compromised, the business model quickly falls apart. Regulators and donors demand resiliency and due diligence. Nonprofits need to be proactive in ensuring the correct resources are allocated to risk reduction and donor data is protected. The future of nonprofit organizations is all about innovation — of products, services, and new business models. Focus on your innovation strategy or risk being disrupted.

Learn more about how to protect your mission by protecting your data.

About the Author

Michael Duggan, Nonprofit Industry Advisor,
Michael Duggan
Nonprofit Industry Advisor,
Michael is a technology executive who leads digital transformation programmes from strategy development to implementation. He leverages cloud to enable organisations to shift spend from operations to business transformation and increase organisational agility. Michael has 18+ years’ experience in the utilities, financial services, software, telecoms, and nonprofit sectors.