Security in nonprofit technology: A cybersecurity glossary

by | Jan 27, 2025 | Article

In 2023 alone, 27% of nonprofits worldwide fell victim to cyberattacks, risking breaches of sensitive data, disruption to services and irreparable damage to reputation and funding projects.

As cyberattacks grow in the nonprofit world, prioritising cybersecurity has become an imperative. But before you can do that, it’s important to know what all the terminology means.

In this blog, we’ll cover some of the key cybersecurity terms to know, and what to look for in secure grantmaking software so you can ensure your data is never in harm’s way.

What is cybersecurity for nonprofits?

Cybersecurity is the protection of a nonprofit’s digital systems, which often house sensitive information like grantee information, financial records and more, from cyber threats and attacks.

While every nonprofit handles cybersecurity differently, the process usually involves taking proactive measures to prevent data breaches, cyber-attacks and other malicious activities that could jeopardise the organisation’s mission and its relationships with stakeholders.

To do this, nonprofits in the United States can apply for grants like the Nonprofit Security Grant Program from the Federal Emergency Management Agency (FEMA) — which provides funding support for cybersecurity — or handle their own cybersecurity by investing in secure software and tools.

Why is cybersecurity so important for nonprofits?

Cybersecurity is essential for grantmaking foundations to protect sensitive data, such as donor information, grantee details and internal operational data — and remain compliant.

When grantmaking foundations or other nonprofits take the right measures to remain secure, they can maintain trust and prevent data breaches that could lead to financial loss and reputational damage.

Cybersecurity glossary

Whether your nonprofit is seeking a cybersecurity grant or investing in secure software, there are some essential cybersecurity terms to know. Learn what they mean below, and what Good Grants does to address each item.

Server security

Server security is the practice of protecting computer systems from unauthorised access, cyber threats and other security risks.

In Good Grants: There is no access via FTP. Server access is only possible by authorised staff via SSH key-based authentication through VPN access to our VPC. Access to our AWS infrastructure is only available to authorised Good Grants staff and is governed by Identity and Access Management (IAM) and multi-factor authentication (MFA).

Data encryption

Data encryption converts readable data into a coded form to protect it from unauthorised access, whether it’s stored or sent over the Internet.

In Good Grants: All data at rest (in our databases and media stores) is stored encrypted. All data in transit (including login credentials) is protected using TLS 1.3 (HTTPS) by default, with AES 256-bit encryption and SHA-256 signed certificates.

Role and permission-based access control

Role-based access control (RBAC) and permission-based access control are methods for managing who can access certain resources or data within an organisation.

In Good Grants: There is an extensive system for defining user roles and associated system use permissions so that users can only access functionality they’re permitted to, whether they be applicants, assessors or grant managers.

Multi-factor authentication

Multi-factor authentication (MFA) is a security process that requires users to verify their identity using multiple forms of evidence (factors) before they can access a system or service.

In Good Grants: Users can choose to increase protection of their account against unauthorised access by enabling multi-factor authentication (MFA). MFA can also be required for specific roles with elevated access levels.

The primary authentication method after password is a Time-based One-Time Password (TOTP). Backup recovery methods include recovery codes and SMS.

Compliance

While compliance is a pretty broad term, it refers to adherence to legal, regulatory and industry standards for protecting data (e.g., GDPR, HIPAA).

In Good Grants: Our software is packed full of features to help you maintain compliance with requirements under the various regulations, and is compliant with GDPR, HIPAA, CCPA, APP and more.

Get secure with Good Grants

Tackling cybersecurity as a nonprofit can be overwhelming. With so much personal and sensitive information to store, nonprofits often feel lost trying to figure out how to remain safe and compliant.

With secure software like Good Grants, grantmaking organisations can always be aware of cybersecurity. From multi-factor authentication to role-based access, Good Grants ensures that all data is protected — for good.

Learn more about security at Good Grants.
