Given charities, not-for-profits and community groups exist to 'do good' in the world, providing support to our most vulnerable, they should be exempt from malicious vector attacks.
Unfortunately, they’re not. We've seen a data breach within a respected Australian charity in 2022 and another in the United Kingdom in 2023. So, what can we do to protect ourselves as organisations and as individuals who volunteer?
Multi-factor authentication (MFA) is an easy to deploy security measure that requires two or more ways to prove your identity when accessing your online accounts or profiles. It's generally regarded as an additional layer of protection. That's why most banks offer (and recommend) MFA as part of internet banking.
MFA is offered in many forms. Options can include a random pin, secret question, physical token, authenticator app, email - right through to biometrics or fingerprint. We have kept our MFA super easy, acknowledging how much IT literacy varies widely across our metropolitan, suburban, rural and remote communities throughout the world.
In addition to your user name and password, Be Collective offers an MFA option which connects to your mobile phone. You can opt to have a unique verification code generated each time you log into Be Collective and have it sent to you via SMS. The code is then entered as part of your log-in to confirm your identity.
While we recommend all users activate MFA for their Be Collective account, we have left the decision up to you. MFA is voluntary option, not a mandatory requirement. More information on how to enable (or disable/update) your MFA on Be Collective.
Further reading
Australian Cyber Security Centre
National Cyber Security Centre (UK)
National Cyber Security Centre (Ireland)
National Cyber Security Centre (NZ)
Incidentally, if you’re feeling a bit nervous about securing the data across your organisation, our sister organisation Tickbox is able to help navigate any IT security challenges that are keeping you awake at night. Reach out to Tickbox.