Cyber Security on a Budget
A guide for small charitable and not-for-profit groups
With the ever-rising use of cloud systems, online databases and digital information, it’s important for charities, no matter their size, to ensure their cyber security is at its best. Within this article we are going to list four activities and what you can do to improve your cyber security on a budget. If you are unsure exactly what Cyber Security is or whether this affects you, why not read our blog on Cyber and Data Risks or alternatively our Cyber Insurance Guide. If you’re looking for cyber insurance for a charity, then please get in touch. An early priority must be to consider how you can safely store and recover your data.
Backing up Your Data
Think over all the information you currently have saved in relation to your organisation, such as volunteer data, supporter data, critical data, invoices and payment details. Now imagine what would happen should all this data no longer be accessible: how long would you be able to continue to operate? No matter the size or the nature of any organisation, regular backups should always be made, especially of any crucial data which is used in the day-to-day running of the organisation, as by doing so you are ensuring that you can still function following a disaster such as a fire or theft. Furthermore, if your system was to be accessed by a hacker and they were to delete all information stored on a hard drive, you have a backup ready to ensure a minimal amount of data is lost.
Below are 5 tips to assist you in backing up your data:
- Make backing up a daily routine – Whether you do it once a week, once a month or you have never backed up your data, try to make this a daily occurrence so that, if the device(s) storing the original copy break down or are stolen, you have a copy of all the essential files on hand and ready.
- Identify what data requires backing up – Not all the data you have will be crucial in the running of the organisation. Rather than back up all information held, take some time to review what is stored and decide whether losing the document, image, email etc. would be detrimental to the group.
- Keep your backup separate – Whether the backup is an SSD, a USB stick, an SD card or even a separate computer, it is good practice to ensure that backups are restricted so that they are not accessible by all staff/volunteers and that they are not permanently connected (either physically or over a local network) to the device holding the original copy.
- Consider Cloud Storage – Whilst this may not be the best option for those using larger files or those without a reliable internet connection, for those where this is not an issue the cloud could be a great way to back up necessary information. Not only this, but through the use of the cloud this information can be accessed anywhere and is not restricted to a physical form.
- Keep up to date through online information – By reading over guides you can ensure that you are doing the best you can to keep your data available in the unforeseen event that the data is destroyed or lost. Some helpful guides include an introduction to Cloud Computing, Cloud Security Guidance and Protecting Bulk Personal Data.
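As an added example (not part of the original guide), here is one way to put the first three tips into practice with a small Python script: it copies only the folders you have identified into a dated folder on a detachable drive, refuses to run if the "backup" would sit on the same disk as the originals, and checks each copy against a SHA-256 checksum. The function names, the `MANIFEST.sha256` filename and the folder layout are assumptions made for this illustration.

```python
import hashlib
import os
import shutil
from datetime import date
from pathlib import Path

def sha256(path):
    """Hash a file in chunks so large files do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def same_device(a, b):
    """True when both paths live on the same disk or volume."""
    return os.stat(a).st_dev == os.stat(b).st_dev

def backup(sources, dest_root, allow_same_device=False):
    """Copy each chosen folder into a dated folder; return the manifest path."""
    dest_root = Path(dest_root)
    for src in sources:
        # A copy on the same disk is lost along with the original.
        if not allow_same_device and same_device(src, dest_root):
            raise RuntimeError(f"{src} and {dest_root} are on the same device")
    target = dest_root / date.today().isoformat()
    lines = []
    for src in map(Path, sources):  # assumes each folder name is unique
        shutil.copytree(src, target / src.name, dirs_exist_ok=True)
        for f in sorted(p for p in src.rglob("*") if p.is_file()):
            rel = Path(src.name) / f.relative_to(src)
            lines.append(f"{sha256(f)}  {rel.as_posix()}")
    manifest = target / "MANIFEST.sha256"
    manifest.write_text("".join(line + "\n" for line in lines))
    return manifest

def verify(manifest):
    """Re-hash the backup copies; return files that are missing or altered."""
    manifest = Path(manifest)
    bad = []
    for line in manifest.read_text().splitlines():
        digest, rel = line.split("  ", 1)
        copy = manifest.parent / rel
        if not copy.is_file() or sha256(copy) != digest:
            bad.append(rel)
    return bad
```

Run `backup([...], "<path to the removable drive>")` once a day, then `verify(...)` on the returned manifest before unplugging the drive; an empty list means every copy matches its original.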
Below are five tips for protecting against malware:
- Install (and turn on) antivirus software – It may seem obvious to most people, but this can be the difference between a functioning device and a costly bill with all data lost. Whilst Windows 10’s Defender, with support from Microsoft, already provides a vast amount of protection, it is always wise to have that little bit of extra protection through antivirus software. As a final note, if you are using a Mac, please do not believe the myth that you cannot get any malware. This is false, and not running antivirus software can leave you very vulnerable.
- Prevent Trustees, Volunteers and/or Staff from downloading Dodgy Apps – As a general rule you should only download apps for phones/tablets from stores such as Google Play or the Apple App Store, as these are checked for any malware that might cause harm. You should prevent any personnel from downloading third-party apps from unknown sources.
- Keep all IT equipment and Software up to date – Keeping all IT equipment and software up to date is possibly the most important step in cyber security. It means that any vulnerability a piece of software might have is addressed and that unsupported devices are not being used by your organisation, resulting in overall better protection from malware due to it not being compatible with new software versions or a newer device model. For information on applying updates, why not read through this article relating to Guidance on Vulnerability Management.
- Control how USB Drives and Memory Cards can be used – Whilst a USB drive or memory card can be helpful as it allows digital data to be moved easily, should one ever be plugged into a device infected with malware, it can lead to an outbreak within your system. Some ways in which you can protect against this are limiting their use, using antivirus software and only allowing USB memory sticks that are pre-approved and cannot be used on employees’/volunteers’ personal devices.
- Last but not least, through the use of a firewall you can help to ensure that your network is more secure when connecting to external networks such as the internet by creating a ‘virtual buffer zone’. With programs such as Windows 10 Defender already available, turning on such security can be simple and there are bountiful guides online.
- Always use password protection on devices and storage
- Make sure portable devices such as phones and tablets can be tracked, locked or wiped from a separate device in the event of them being stolen or lost
- Keep apps and devices up to date
- Use two factor authentication when possible
- Avoid predictable passwords, change default passwords and make sure to change them after a set period.