A large concern for an institution’s advancement office is the security of its donor data. Advancement offices want to make sure donors feel confident handing over sensitive information. They want to ensure that sensitive information remains secure.
Cybercrimes are on the rise, and cybercrimes in higher education are rising at a far faster rate than they are in other industries. In fact, educational institutions in July and August of 2020 saw a 30% increase in the number of cyberattacks as opposed to a 6.5% increase in other industries.
So, what can advancement offices do to make certain their donor data is secure?
1. Follow Best Practices for Protecting Payment Information
The way you store sensitive financial information matters. For instance, when working in your advancement system, never store credit card or bank account information in a database column or comment area. If a cybercriminal accesses an advancement system through a software, reporting, or database attack, they can easily access this information.
Similarly, if you’re copying checks or donation documentation and scanning these into your system, make certain that any account number or credit card info is obscured or redacted.
2. Use Secure Donation Websites
Using online vendors for gift donations can limit the opportunity for information theft. When researching which online vendor to use, make sure the site is Payment Card Industry (PCI) compliant and that authorization verification—not credit card information—is sent back to your system. In appeals to your donors, recommend they visit this secure website to donate, rather than filling out and returning a form. These online donation platforms are also great places for staff to process credit card information.
While these donation websites are excellent at securing information, it might be prudent to encourage those donating large sums to use bank drafts or electronic fund transfer transactions. These methods also help limit the exposure of important account information.
3. Be Judicious With Staff Permissions
Advancement offices often employ full-time staff, students, and volunteers, and it’s important that all advancement staff adhere to privacy rules. It might also be prudent to have different levels of access for the different types of staff. For instance, when managing wealth screening data via software, it may be best if students and volunteers can’t see wealth capacity and giving data.
Many users within the advancement office have access to a good deal of donor information. If you have a donor who wishes to remain anonymous, remove them from public documentation, or if you’re adding their gift to a record, record it into the system under “anonymous donor.”
4. Be Circumspect When Meeting With a Donor in Person
When meeting with a donor in person, keep privacy top-of-mind. If you plan on discussing gift options, wealth capacity, or account information, you should avoid doing so in a public area. Be clear that privacy can be maintained according to the donor’s wishes. Before you list a donor’s name in giving clubs, honor rolls, or recognition boards, establish that you have their permission to do so.
5. Use Technology to Safeguard Data
There are a few things you want to make certain you verify when using advancement software. For instance, you want to confirm that your software sends encrypted data when outside a private network. You may want to ensure that data is encrypted when being sent in-network as well.
It’s also important to remind system users not to share login information. Carefully monitor security within the software to keep data secure from different users, and make certain that passwords are not shared.
Help Donors Feel Secure in Their Giving
In this new age of cybercrime, it’s difficult for donors to feel fully secure when relaying sensitive financial information through the mail, over the phone, and online. But security is important to donors. They want to know that institutions value their privacy, and that colleges and universities are working hard to keep their information safe.
Advancement offices should follow best practices when it comes to securing financial information, but they should also do their due diligence when selecting software and website vendors to store their donor information. They should ensure that their advancement solution is able to easily interact with online giving sites, and it enables both privacy as well as transparency. This way, information can be shared with the business office.
Demystifying AI-Powered Automation: A Practical Example in Higher Education
September 27, 2023
Many colleges and universities are worried about artificial intelligence, but how can AI benefit an institution?
Finding Students Where They Are: Fueling Enrollment and Building Brand Awareness Among Gen Z
September 20, 2023
What does Gen Z want, and how can institutions use this understanding to boost their digital footprint and enroll more students?