A large concern for an institution’s advancement office is the security of its donor data. Advancement offices want to make sure donors feel confident handing over sensitive information. They want to ensure that sensitive information remains secure.
Cybercrimes are on the rise, and cybercrimes in higher education are rising at a far faster rate than they are in other industries. In fact, educational institutions in July and August of 2020 saw a 30% increase in the number of cyberattacks as opposed to a 6.5% increase in other industries.
So, what can advancement offices do to make certain their donor data is secure?
The way you store sensitive financial information matters. For instance, when working in your advancement system, never store credit card or bank account information in a database column or comment area. If a cybercriminal accesses an advancement system through a software, reporting, or database attack, they can easily access this information.
Similarly, if you’re copying checks or donation documentation and scanning these into your system, make certain that any account number or credit card info is obscured or redacted.
Using online vendors for gift donations can limit the opportunity for information theft. When researching which online vendor to use, make sure the site is Payment Card Industry (PCI) compliant and that authorization verification—not credit card information—is sent back to your system. In appeals to your donors, recommend they visit this secure website to donate, rather than filling out and returning a form. These online donation platforms are also great places for staff to process credit card information.
While these donation websites are excellent at securing information, it might be prudent to encourage those donating large sums to use bank drafts or electronic fund transfer transactions. These methods also help limit the exposure of important account information.
Advancement offices often employ full-time staff, students, and volunteers, and it’s important that all advancement staff adhere to privacy rules. It might also be prudent to have different levels of access for the different types of staff. For instance, when managing wealth screening data via software, it may be best if students and volunteers can’t see wealth capacity and giving data.
Many users within the advancement office have access to a good deal of donor information. If you have a donor who wishes to remain anonymous, remove them from public documentation, or if you’re adding their gift to a record, record it into the system under “anonymous donor.”
When meeting with a donor in person, keep privacy top-of-mind. If you plan on discussing gift options, wealth capacity, or account information, you should avoid doing so in a public area. Be clear that privacy can be maintained according to the donor’s wishes. Before you list a donor’s name in giving clubs, honor rolls, or recognition boards, establish that you have their permission to do so.
There are a few things you want to make certain you verify when using advancement software. For instance, you want to confirm that your software sends encrypted data when outside a private network. You may want to ensure that data is encrypted when being sent in-network as well.
It’s also important to remind system users not to share login information. Carefully monitor security within the software to keep data secure from different users, and make certain that passwords are not shared.
In this new age of cybercrime, it’s difficult for donors to feel fully secure when relaying sensitive financial information through the mail, over the phone, and online. But security is important to donors. They want to know that institutions value their privacy, and that colleges and universities are working hard to keep their information safe.
Advancement offices should follow best practices when it comes to securing financial information, but they should also do their due diligence when selecting software and website vendors to store their donor information. They should ensure that their advancement solution is able to easily interact with online giving sites, and it enables both privacy as well as transparency. This way, information can be shared with the business office.
November 17, 2021
“Agile” isn’t a term commonly employed in a college classroom or departmental meeting. And yet, the need for institutions to stay agile a...
November 10, 2021
During its 2021 conference, EDUCAUSE released its Top IT Issues of 2022. Discussing these on ...
November 03, 2021
During EDUCAUSE’s 2021 conference, a question that underscored the event seemed to be: Are the changes COVID-19 wrought on college campus...