Overview
Security
of data and information needs to be considered in everything we do.
Donor and prospect information is particularly sensitive and could
subject an institution to public exposure and admonishment if this
critical information was leaked or stolen.
We are entrusted by our prospects and donors to maintain
confidentiality and to safeguard their information and if this trust
is misplaced it will have an adverse our ability to raise funds.
We are also typically responsible for maintaining the list of
alumni, and the possible misappropriation of this information for
commercial or other purposes has great appeal for criminals. This
data is not just an average cross section of the population, but
represents the higher income earners and achievers in society.
In addition to basic biographical information, most advancement and
development systems and organizations retain much more in-depth
information on the higher level donors and prospects, and this
information must be protected. We also have the additional issues of
protecting donor anonymity when requested by donors. Many
organizations purchase mailing lists, and these lists are the most
valuable.
These few pages on security are not intended to be an in-depth
review and analysis of security policies and procedures, but
represent a basic summary and discussion of practices that you
should consider.
The topic of security is broad and covers many areas from locking
down your desktop computer to the more complex issues of digital
rights management, hard copy information and data backup and
recovery strategies.
Managing security is one of the most important trends in information
technology. With the advent of virus attacks, identity theft,
hackers trying to get into your corporate networks, and theft of
data, we need to improve our vigilance and management practices.
Current publicity regarding breaches in security for higher
education data has been limited and educational institutions have
been spared some of the public scandals associated with some
breaches such as the posting of credit card or social security
numbers on public web sites.
However, it is just a matter of time before sensitive and public
donor information is accessed and makes an interesting front page
news story.
With recent changes in laws regarding fiduciary responsibility of
management, executives and directors are much more personally
accountable for security operations than they have been. Breaches
can cause loss of employment and personal lawsuits.
Managing security needs to move from one of your check items, to one
of your most important regular agenda items. |