by Guest contributor | Oct 2, 2024 | Article
This article was written by Dan Whitty, Senior Information Security Analyst at Good Grants.
Implementing security best practices for your grants program is important not only for securing data but also for supporting individuals in reaching their full potential. At Good Grants, we understand that security is a must-have as part of grantmaking process. And there is no better time to talk about security than during Cybersecurity Awareness Month.
To think about the importance of security, let’s consider Maslow’s hierarchy of needs. This widely recognised theory from the paper “A Theory of Human Motivation” outlines a pyramid of human needs, starting from basic survival and progressing to the highest level: self-actualisation, where people achieve their fullest potential.
This theory emphasises that in order for anyone to reach their highest level of accomplishment, they must experience the foundation of safety and security. Without this sense of safety, progress and personal growth can be very challenging.
This layer of security can ensure that your participants feel safe and confident throughout the grantmaking process. If safety is compromised, the sense of accomplishment—and your program’s impact—can be diminished, and trust in the program can be lost. That’s why maintaining a safe environment for your grant or funding program is non-negotiable.
Grant programs deal with a wide range of data, from personal information to confidential project proposals. Ensuring your program and data are secure can help protect this information and ultimately help ensure the needs and safety of your participants are met.
Here are some best practices to consider for your grantmaking program.
Encryption: Ensure all data both in transit and at rest is encrypted. Good Grants, for example, has implemented technical measures to protect data at rest using AES-256 bit encryption and in transit using a minimum of TLS 1.3 with secure ciphers.
Field level encryption: Beyond entire database encryption, it’s also important to mark sensitive fields that will be encrypted BEFORE being stored. Data stored in Good Grants is protected by a broad range of security measures by default. Additional data protection options are available on fields, for specific circumstances, which can be protected with additional elevated or maximum protections.
Strong but memorable passwords: Users who access the system (irrespective of their role) should also maintain good password hygiene, and set a strong but memorable password. Good Grants, for example, requires all passwords to be at least 12 characters, including a number, an upper-case and a lower-case letter and a special character.
Pro tip: Combine 3 random words to make a memorable but secure password.
Multi-factor authentication: Implementing an additional layer of authentication to a strong password helps further mitigate the risk of account compromise. Good Grants provides MFA options at both the user level and management level, so managers can enforce multi-factor authentication for all users in the program.
Role-based access: Assignment of roles ensures that only authorised users have access to your data. By implementing role based access, you limit the ability to access, read or alter data. It’s also good practice to limit the number of users who have administrative access to alter or change a program. At Good Grants, we’ve developed industry standard roles, but you can also customise your own roles with permissions to suit your granular program needs.
Training and awareness: Educating staff and users of your system helps ensure that best practices are maintained and data is handled or accessed appropriately. The Good Grants client success team helps onboard and train personnel to ensure a safe culture is built in parallel with the program kick-off.
It’s important to implement security and data protection best practices into your grantmaking lifecycle to help support a strong foundation where your participants feel safe and secure, and help them on their journey to achievement.
Learn more about security at Good Grants.
Articles
Feature focus
Ebooks
Videos
Releases
Δ