Insider Tips to Mitigate Non Profit Risk


July 31, 2021

Is Your Organization Prepared to Protect Your Data, Your Reputation, and Your Mission?

If you’re running a nonprofit, risks abound. If your organization handles data, deals in HIPPA-protected records, or manages large amounts of donated funds, that risk amplifies. Fortunately, the world is full of consultants, software programs and platforms that can help you set up structures to mitigate your risk.

Here at Integris, we specialize in providing IT managed services to nonprofit companies, and a big part of that, not surprisingly, is helping those organizations avoid the fiscal and physical risks that can derail their missions. What kinds of risk management strategies do we recommend? Here’s our tips for managing nonprofit risk.

Purchase Cybersecurity Insurance

This might seem like a bit of a luxury to a small nonprofit, but with the threat of data loss and ransomware looming over every organization, you really can’t afford to ignore this threat. Cybersecurity insurance can be purchased on a scalable basis, and it can protect you from the costs associated with cleaning up after a major cyber attack. This can include data restoration, paying ransoms or more.

Here’s the important thing to know about cybersecurity, however. If you think purchasing a policy means you don’t need to invest in security programs, think again. Cybersecurity insurance companies require their clients to have security programs in place, namely login programs for two factor authentication. Companies who buy the policies must demonstrate they are making at least a minimum effort to contain threats. We work with software vendors like IronScales, recommend zero trust security policies, and more.

Consider Security Equipment—and the Nonprofit Security Grant

If your organization is at risk of physical attack due to your mission, your location or your operations, you may be eligible for a federal grant for up to $10,000 to cover security equipment. The grant covers security cameras, computer monitoring equipment, and the cost of 24/7, monitoring services. Want to participate? Here’s what you need to know to apply.

Take Your Organization to the Cloud

What does Cloud computing have to do with mitigating your risk? As it turns out, a lot. When you take your organization to the cloud using platforms like Microsoft Windows 365 Cloud PC all your software, files, user data and even your computer’s operating system are streaming live, and not stored on your equipment. That means you not only can make your computer hardware last longer, but you can amplify your organization’s security. Why? Because the fussier, day-to-day issues like security patch updates are covered centrally, in the cloud. Cloud systems run with zero trust security baked in, so your users are continuously being verified throughout their time using your equipment. If you’re curious about how Cloud works for nonprofit organizations, check out our case study about the we took the Presbyterian Night Shelter to new levels of productivity in the Cloud. And for more information about our involvement with the Cloud PC product launching Fall 2021, check out this press release.

Cover Your Entire Risk Spectrum

While Integris can help you with your cybercrime deterrence, and install equipment to arm and monitor your physical plant, there are many areas where your organization needs risk coverage. We recommend you assemble a team of experts that can help you cover all areas of your nonprofit risk management. Accountants, lawyers and risk management insurance brokers can help you avoid:

  • Fraud by impersonation. Where third parties or vendors claim to be with your organization to obtain false donations or in-kind services.
  • Theft. Employees or volunteers who steal donated money or other items from your locations.
  • Compliance Issues. Fail to report your earnings properly, or get afoul of the regulations that govern your nonprofit, and your mission could come to an abrupt halt.

Looking for advice on how to mitigate your risks as a nonprofit? Check out our recent free webinar on nonprofit risks management in 2021, and how to mitigate. This 60-minute panel discussion includes expert from across the spectrum—law, insurance, risk management, accounting, and cybersecurity. You won’t want to miss it!

Resources for Nonprofit Risk Management

Integris has all the resources you need to do your homework on risk management;. Take a look at our guide to buying cybersecurity insurance. Here’s where you can find out more about the affordable, scalable services Integris offers for nonprofit companies.

To get the full complement of information about how to purchase IT services for your nonprofit company. download our free Nonprofit Essentials Kit, today.

Susan Gosselin is a Senior Content Writer for Integris. A career communicator and business journalist, she's written extensively on IT topics and trends for IT service providers like Iconic IT and ProCoders Ukraine, as well as business publications such as,, The Lane Report and many others. Connect with her on LinkedIn.

Keep reading

How the Best IT Companies in Minnesota Support the Hybrid Workforce

How the Best IT Companies in Minnesota Support the Hybrid Workforce

After the initial shutdowns and stay-at-home orders lifted following COVID-19, workers throughout the United States and Minnesota decided that the work-from-home model was here to stay. It makes sense -- working from home offers a lot of convenience to your team – and...

Do I Need To Improve My Endpoint Protection?

Do I Need To Improve My Endpoint Protection?

A compromised endpoint gives hackers everything they need to get a foothold in your security network. Once there, they can steal data and potentially hold it for ransom. That’s why it’s so important for business owners to secure their critical endpoints (including...

Multi-Factor Authentication

Multi-Factor Authentication

Granting access to information is a necessity, as is security for both the user needing access and for the information for which access is being granted. The best way to handle this is by establishing user accounts for users. This does several things at once: Allows...