Viruses, hackers, spyware and donors oh my

Last Thursday, I turned my computer on and started preparing to write my daily blog, when suddenly my virus software sprang into action. A pop-up window told me that my computer was infected with a trojan virus and asked if I wanted it removed. Of course, I said ‘YES’. In a blink of an eye, I was staring at the dreaded “blue screen of death,”and I was obviously out of commission. It was for this reason you did not see any blog posts from me on Thursday or Friday.

During my unplanned time down, I started thinking about how non-profit organizations probably deal with this on a daily basis and how in some instances it could even impact donors who routinely feed us their personal information (e.g. name, address, phone, email, credit card and banking info, etc).

Upon further investigation, did you know that the Obama team, who has collected tons of donor information at, had to dealt with hackers as recently as a year ago? And “Twitter hacking” has been in the news recently for reasons I refuse to go into.

Non-profit organizations are constantly collecting information on their donors and storing it in their donor database. In fact, with the social media revolution in full swing, non-profits are pushing further by “friending” donors on Facebook, following donors on Twitter, and linking with donors on LinkedIn. All of these activities are intended to help deepen our relationships with donors and get to know them even better.

It is a brave new world and non-profit organizations need to make sure they are ready to deal with these issue. If you don’t think spyware, computer viruses, phishing and hackers are an issue, then go talk to our resource development friends at the University of Notre Dame  or Maine Public Broadcasting.

Put yourself in a donor’s shoes after being informed that your systems were compromised? Where is your confidence level? What is running through your mind the next time you’re asked to make a contribution?

Of course, the answer is not to unplug your donor database or shutdown the organization’s Facebook or Twitter accounts. However, you might consider the following:

  • Develop a privacy policy for donors like the one Hope House has posted on their website.
  • Use the Association of Fundraising Professional’s (AFP) Code of Ethical Principles & Standards and The Donor Bill of Rights as a foundation to develop your resource development policies.
  • Develop a crisis management plan like the one United Way of Marion County in Florida has posted to the internet and consider involving donors in the policy development process so you can capture their point of view on how they’d like to be informed on certain matters.
  • Develop a documentation retention policies so you know what you need to keep and how to securely keep it. Blue Avocado has done a nice job getting you started down this road, but you definitely need to involve your board volunteers, Finance Committee, auditors, and possibly even your donors in developing your own policies.
  • Use virus software and spyware software routinely. Check out Tech Soup’s “virus protection toolkit”.
  • Don’t ever email donor data or information.

If you really want to scare yourself, spend a few moments with this PowerPoint presentation from our friends at NTEN.  Scared yet?

So, how do you protect your donor data? If your systems got hacked or compromised, how would you go about informing your donors and dealing with the crisis? Please weigh-in and share so we can all learn together!

Here is to your health!

Erik Anderson
Owner, The Healthy Non-Profit LLC!/eanderson847!/profile.php?id=1021153653

About DonorDreams

Erik got his start working in the non-profit field immediately upon graduation with his masters degree in 1994. His non-profit management and fundraising experience numbers nearly 20 years. His teachable point of view around resource development is influenced by the work of Penelope Burk and those professionals subscribing to a "donor centered" paradigm. Donors have dreams and it is our responsibility to be dream-makers because donors are not ATMs.

Posted on June 27, 2011, in resource development and tagged , , , , , , , , . Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: