With social distancing and widespread lockdowns in effect due to COVID-19, many nonprofits are using online video conferencing as a solution. Please don’t let the ease of video conferencing fool your organization, though: the platforms still come with plenty of security risks. It’s very important for you to be aware of what these risks are as you increasingly shift events online in the age of COVID.
This article discusses the top seven tips that your nonprofit should consider to ensure that employees, community members, and donors have a flawless experience while video conferencing.
1. Recommend that employees use a virtual private network (VPN)—especially when working remotely
When employees work remotely, they usually are outside the safety of their office network and its security features. Many people have home WiFi networks with weak passwords, or worse, no passwords at all. Others enjoy going to public spots and using the communal WiFi, which is even more risky than using the WiFi at home. You should set up a VPN (virtual private network) and require employees to use it when they are working away from the office.
Ensuring that your employees are hooked up to a VPN will protect the private information of your organization, those you serve, and your donors.
Investing in a VPN network for your organization can prevent common cyber crimes such as hacking, identity theft, and malware attacks. Don’t let a cyber attack compromise the data and financial information of the people you work with. PCMag recently reviewed VPN services. Be sure to ask about nonprofit discounts when you’re researching your options.
2. Be mindful of phishing
Phishing is when online users are encouraged to click on a harmful link because it looks legitimate. If you receive an unexpected link for a video conference, consider calling or emailing a colleague to confirm it.
Many phishing attacks begin with a legitimate-looking link disguised as coming from your workplace. Always check the sender’s email address and, when in doubt, confirm with your co-workers.
3. Decide on one platform for video conferences
Shifting meetings and events online is a huge adjustment, and it makes sense to do some research to find the video conferencing platform that is right for your nonprofit.
Reviewing different software and your own organization’s resources and security concerns will help you settle on one platform for your video conferencing needs. If one meeting organizer prefers Google Meets and another prefers Zoom, you’ll probably have confusion within your organization.
It is much easier to have your colleagues become familiar with one type of software. The non-technical members of your team will be grateful for this approach.
4. Consider employee training
Keep in mind that many of the most valuable and talented members of your team may not be technically savvy.
During the coronavirus pandemic, many videos have gone viral with colleagues accidentally broadcasting themselves in compromising situations or having their meetings interrupted by family members and pets. Remind those on your team to check that their cameras are not on during a meeting if they don’t need to be. In an era where 90 percent of people always research a company before buying from it, it’s important to avoid these kinds of situations—and the unnecessary media attention they can garner that could harm your nonprofit's reputation.
Some video conferencing software automatically turns the camera on for everyone once the meeting starts, whereas others require you to allow permission before recording. This may be an important factor to consider when deciding on your video conferencing platform.
Sending out an email with instructions on how to use your video conferencing software—even if it’s just a link to the Help section of the platform’s website—will give your team a heads-up and a chance to avoid embarrassing situations. Use this training opportunity to remind employees to check to see if their video cameras or microphones are on when they don’t need to be; remind them not to click on suspicious links; mention that those sharing screens need to be aware that other open documents might pop up in this process; and include a link to this article to highlight security concerns that may not be mentioned in the technical materials.
5. Update video conference software consistently
Another important reminder for your employees: always keep on top of software updates. Although it’s annoying to have to go through the process of an update, they are absolutely crucial.
Software requires continual updates because there are always new cyber threats out there, and they must evolve in order to protect against them. Make it a company policy to always stay on top of software updates.
6. Password-protect your meetings, and lock the door once everyone is in
Most offices require a card key or employee identification to enter. Without it, the door remains locked. You would be wise to apply the same concept to your online meetings.
You can even assign all attendees an individual user name to make sure that only those authorized to be in the meetingg are logged on. If these settings are not automatic in your video conferencing software, be sure to remind whoever is organizing a video conference to set them up.
Always be mindful that passwords should be complex and never be used twice. A best practice for everyone who is doing anything online, and not just for video conferencing, is to invest in a password manager to increase cybersecurity. Complex and varied passwords are essential but may be difficult to remember. Most of today’s password management applications can do this for you by creating multiple passwords that are incredibly hard to crack and then rotating between those passwords on a consistent basis to keep hackers at bay.
7. Pay attention to whether the video conference is being recorded or not
There will usually be a red light somewhere on the screen if the conference is being recorded. Please also keep in mind that many video conferencing services automatically keep a transcript of the conversation—and chats—of the attendees.
During the COVID-19 health scare, many employees have been shocked to find out that what they thought was their personal chat with another employee ended up on the video transcript toward the end of the call. It’s best practice to remind participants at the beginning of the meeting that it is being recorded.
Maintaining communication with the communities your organization serves should not come at the cost of the privacy of your nonprofit, its employees, those it serves, or donors and affiliates. The good news is that a little knowledge, communication, and diligence can prevent most cyber threats. You have already taken the first step by reading this article—be sure to share it with your colleagues to keep the conversation going about ways to protect privacy online.