Blog

If There’s a Data Breach—Who’s Responsible?

Let’s ask the question no one wants to ask—but everyone should:
If our nonprofit suffers a data breach, who is responsible?

It’s a tough question. One that keeps operations managers, executive directors, and board members up at night—especially when sensitive donor or program data is at stake. As someone who’s been on both the nonprofit and tech support side, I want to offer clarity, not fear.

So let’s walk through it calmly, together.

 

The Hard Truth: No System Is 100% Unbreakable

Cybersecurity is like locking your doors, and training your team to spot suspicious activity. But even the best precautions can’t promise perfection. What matters most is how prepared you are, how quickly you respond, and who shares the responsibility when things go wrong.

Shared Responsibility: What IT Support Really Means

In most nonprofit/IT relationships, accountability is shared between the organization (you) and the service provider (IT provider).

🧩 Your Responsibilities:

  • Choosing strong passwords and enabling multi-factor authentication (MFA)
  • Training staff to avoid phishing scams and unsafe clicks
  • Following data policies and access guidelines
  • Reporting suspicious behavior or incidents immediately

🛡️Your Tech’s Responsibilities:

  • Monitoring systems for threats 24/7
  • Keeping software and security tools up to date
  • Backing up data and testing recovery procedures
  • Advising you on best practices and compliance requirements
  • Responding fast when something goes wrong

A good IT provider won’t just sell you antivirus software—they’ll act as a partner in prevention and a first responder in a crisis.

What Happens If a Breach Occurs?

  1. Detection
    The MSP should identify the breach quickly, alert your team, and begin investigating.
  2. Containment
    They’ll isolate affected systems and limit further exposure.
  3. Recovery
    They’ll restore from backups (if they’ve been tested) and guide your team through cleanup.
  4. Reporting
    Depending on what was exposed, your nonprofit may be legally required to notify donors, partners, or regulators.

This is why clear roles and a written incident response plan are vital. You don’t want to be Googling “data breach response” at midnight.

Who’s Legally Responsible?

It depends on your contract and local laws, but generally:

  • Your organization is ultimately responsible for how donor data is handled.
  • Your IT support is responsible for the tools, systems, and services they manage.
  • If a breach results from negligence on either side, that party may be liable.

That’s why your agreement with your IT service should clearly define:

  • Security responsibilities
  • Data access protocols
  • Service Level Agreements (SLAs)
  • Breach notification timelines

Don’t Just Outsource—Collaborate

Your IT support should be more than just tech support. With co-managed IT services, they become strategic partners Who: 

  • Help build your data policies
  • Train your team
  • Provide breach drills or “what-if” scenarios
  • Keep you compliant with regulations like PIPEDA and CRA requirements

It’s not just about blame. It’s about building a resilient, trusted partnership.

Nonprofits like yours deal in trust. A data breach doesn’t just threaten your systems, it threatens your credibility. But with the right IT support partner by your side, you’re not alone. You have guidance, protection, and someone who speaks your language.  Human IT understands the unique pressures nonprofits face—and they’re here to help you stay safe while you stay focused on what matters.

 

How Much Does IT Support Actually Cost? A Plain-English Guide for Nonprofits

Let’s take a deep breath and talk about something that makes many nonprofit leaders nervous: the cost of IT support.

If you’ve ever wondered, “How much does it really cost to have a IT Services Company – you’re not alone. The truth is, most mission-driven organizations aren’t looking for the cheapest option. They’re looking for the most reliable, respectful partner who understands the weight they carry.

Let’s break it down together—no tech jargon, no sales pressure. Just clarity.

 

What Are You Really Paying For?

Think of an IT provider like hiring a tech team you don’t have to manage. Instead of calling someone only when things break, you get ongoing, proactive support that keeps your systems stable, secure, and stress-free.

Most IT service’s offer flat-rate monthly packages based on:

  • Number of users or devices
  • Services included (e.g., cybersecurity, backups, cloud support)
  • Response times and service level agreements (SLAs)
  • On-site vs. remote support

Average Cost for Nonprofits

IT support pricing for nonprofits can vary widely depending on your size, needs, and how complex your setup is. There’s no one-size-fits-all number, but that’s actually a good thing. It means you can find a solution that truly fits your budget and your mission.

Want a clearer picture of what makes sense for your organization?

Get Your Copy of the Non-Profit IT Buyer’s Guide — a quick, helpful resource to get your answers and plan your next tech step with confidence.

Can Nonprofits Afford This?

Here’s the better question: Can you afford not to?

Consider the potential costs of:

  • Downtime during a funding campaign
  • Ransomware locking up your donor database
  • A data breach requiring legal notification and PR clean-up
  • Staff burnout from constant tech hiccups

Compared to these, a reliable IT support is not an expense—it’s an investment in stability.

Are There Discounts for Charities?

Yes. Many Tech Companies offer:

  • Nonprofit pricing tiers
  • Annual plans that match grant cycles
  • Free assessments or onboarding
  • Bundled services with discounted rates

A good charity IT service provider understands that charities need flexibility, and they’ll work with you to find a plan that fits your mission and your budget.

What’s the ROI?

Let’s face it—every dollar matters in a nonprofit. So when you invest in IT support, you want to know: What do we actually get in return?

Here’s the real value:

  • Your team focuses on impact, not IT.
    No more losing hours to login issues, printer errors, or mystery Wi-Fi problems. Your staff stays focused on serving your community—not on troubleshooting tech.

  • People feel supported, not stressed.
    When tech works and help is easy to reach, your team feels empowered. That boosts morale, confidence, and productivity.

  • You build trust with donors and your board.
    Strong systems show that you take data security and operational stability seriously. That builds confidence with everyone invested in your mission.

  • You avoid costly, avoidable disasters.
    A single data breach or system crash can set your work back months. Proactive IT support helps prevent problems before they start.

In short: when your tech runs smoothly, your mission moves faster. You don’t need to figure this out alone. Ask for a detailed, plain-English proposal. Ask what’s included—and what’s not. A mission-aligned IT company won’t push you into something you can’t afford. 

 

Contact us

 

 

Why Hybrid Work Is a Cyber Risk for Nonprofits: How to stay Protected 

 

Whether your nonprofit team works remotely, in a hybrid setup, or from multiple locations, one thing is clear: donor data must stay secure.

But when staff are logging in from home offices, coffee shops, or shared spaces, the risks grow—and so does the need for smart, simple security. Hybrid work environments create new cybersecurity challenges, especially for organizations without full-time IT support.

So how can nonprofit leaders protect sensitive data without overwhelming their teams? Let’s walk through the essentials—together.

Why Hybrid Work Creates New Security Risks

Hybrid work is wonderful for flexibility and work-life balance. But it also introduces gaps that traditional office setups didn’t have:

  • Personal devices used for work tasks
  • Public Wi-Fi connections
  • Inconsistent security settings
  • Unclear rules around data sharing and storage
  • Staff feeling unsure about what “secure” even means

Donor names, addresses, payment records, emails, and communication history may all be floating between devices and clouds—and that’s a problem if there’s no plan in place. 

6 Ways to Protect Donor Data in Hybrid Teams

  1. Require Business-Grade Cloud Platforms

Free Google Drives and Dropbox folders aren’t enough. Use Google Workspace for Nonprofits or Microsoft 365 with nonprofit security features enabled—and managed by your IT service provider.

  1. Set Device Policies

Ensure every staffer knows whether they can use personal laptops or phones for work—and under what conditions. Encrypt devices. Require passcodes. Keep work apps separate.

  1. Enable Multi-Factor Authentication (MFA) Everywhere

It’s the simplest, strongest defense against unauthorized access—and it costs you nothing but a few minutes to set up.

  1. Train, Don’t Blame

Cybersecurity is a team culture issue, not just a tech one. Regular, judgment-free training sessions help staff recognize phishing, avoid unsafe downloads, and report mistakes early.

  1. Use Role-Based Access

Not everyone needs access to everything. Your MSP can help you set up permissions based on job roles—keeping donor data visible only to those who truly need it.

  1. Partner with a Mission-Aligned Tech Company

The right tech partner doesn’t just install tools. They help you translate policies into practice—in plain English—and respond fast when issues arise.

Security That Supports, Not Shames

Nonprofit staff aren’t meant to be cybersecurity pros—they’re here to serve. But hybrid work adds pressure, and without support, tech can feel overwhelming. That’s why clarity matters more than perfection.

With the right tools, clear policies, and kind IT support, nonprofits can have both flexibility and security. When people feel safe asking questions, your mission stays protected—and your team stays confident.

5 Hybrid Work Mistakes Nonprofits Should Avoid

  1. Thinking “We’re Too Small to Be a Target”
    Hackers look for vulnerable systems, not big budgets. They don’t care how big you are, only whether or not they can hack your systems. 

  2. Using Personal Devices and Emails for Work
    This creates security gaps you can’t monitor. Work accounts and secured devices are a must.

  3. Ignoring Software Updates
    Delaying updates leaves doors open to cyber threats. Regular updates for applications AND operating systems (and others) = stronger protection.

  4. Sharing Logins Across the Team
    Shared credentials make it impossible to trace activity and increase the risk of breaches.

  5. Skipping Cybersecurity Training
    If your team doesn’t know what phishing looks like, they can’t avoid it. Short, clear training prevents big mistakes.

 

IT Security Tips for nonprofits

WHAT ARE TRAVEL SCAMS?

The vacation season should be a time of joy, reflection, and well-deserved rest. But for many small businesses, non-profits, and charities, it’s also a time of heightened vulnerability. Cybercriminals are well aware that during the hustle and bustle of the well deserved trip, organizations might let their guards down—and they’re ready to exploit this.

Imagine this: one of your employees receives an email confirming a vacation booking they didn’t make. In the rush to clear their inbox, they click the link. Within moments, your organization’s sensitive data is compromised. It’s a chilling scenario, and it’s happening far more often than you’d think.

WHY DOES THIS MATTER

For small organizations with limited IT resources, the stakes are high. Scammers target these groups because they often lack robust cybersecurity infrastructure. Whether it’s a non-profit relying on donations or a small business serving its community, any breach can have devastating consequences.

If you think, “This won’t happen to us,” think again. Small organizations are often the easiest targets for cybercriminals. With limited IT resources and tighter budgets, your charity or small business could be one click away from a serious breach.

Let’s break it down:

  • Scammers don’t just want an individual’s money—they often use fake travel emails to infiltrate business systems.
  • A single compromised account can open the door to your entire network.
  • Even a small breach could lead to financial losses, reputational damage, and days of operational downtime.

So, how do you protect not just your peace of mind, but the integrity of your organization?

With the right IT support and preventative measures, you can protect your organization and continue your work with confidence. Limited resources can make it harder to detect and respond to cybersecurity threats. This is where managed IT services and professional cybersecurity support become indispensable.

COMMON TACTICS USED BY SCAMMERS TO ATTACK SMALL BUSINEES AND NON-PROFIT

The tactics scammers use are designed to play on our emotions: excitement, urgency, and even fear. Here’s what to look out for:

  1. Too-Good-To-Be-True Offers
    “Get 70% off a luxury resort!” These deals often come from fake booking platforms designed to steal your payment details.
  2. Last-Minute Cancellations
    “Your booking has been canceled—click here to rebook.” These urgent messages trick people into rushing without verifying authenticity.
  3. Impersonated Platforms
    Cybercriminals often create fake sites that look nearly identical to legitimate travel companies.
  4. Phishing Links
    Embedded links redirect users to fraudulent websites designed to steal credentials or infect devices with malware.
  5. Urgent Requests
    Messages claiming limited-time offers or last-minute cancellations create a sense of urgency, prompting hasty decisions.

HOW TO PROTECT YOUR ORGANIZATION

  1. Educate Your Team
    Conduct regular training sessions to help employees recognize phishing emails and fraudulent websites. Knowledge is your first line of defense.
  2. Implement Strong Cybersecurity Measures
    Work with a trusted provider of IT services to secure your organization. Tools like spam filters, firewalls, and endpoint protection are essential.
  3. Use Managed IT Services
    A managed IT service provider can proactively monitor your systems, identify threats, and respond swiftly to potential attacks.
  4. Verify Before Clicking
    Encourage staff to verify the legitimacy of emails and websites before clicking on links or providing information.
  5. Backup and Recovery Solutions
    Ensure your data is regularly backed up and accessible in case of a cyber incident.

FINAL TIPS FOR STAYING SAFE

  • Use Credit Cards: They offer better fraud protection than debit cards.
  • Monitor Bank Statements: Regularly check for suspicious transactions.
  • Enable Two-Factor Authentication (2FA): Add an extra layer of protection to your accounts.
  • Know the Recipient: Don’t send money to unfamiliar or unverified sources.
  • Be Cautious with QR Codes: Verify the source before scanning.
  • Research Before Booking: Check reviews and ratings before committing.
  • Watch for Upfront Fees: Be wary of large upfront payments; a small deposit is usually enough.

DON’T LET SCAMMERS TAKE YOUR VACATION

This summer, take a proactive stance against seasonal scams. Equip your nonprofit with the tools, training, and IT support needed to safeguard your people and your mission. At The Human IT Company we help small teams navigate the cybersecurity landscape with confidence. Book your 15-minute discovery ‘pit stop’ with us today, and let’s chart a safer course together.

 

 

“Travel scams don’t take a vacation—make sure your cybersecurity doesn’t either. Small organizations are often the easiest targets for cybercriminals. With limited IT resources and tighter budgets, your charity or small business could be one click away from a serious breach!”

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

AI Chatbot Security Risks: Are Your Conversations Truly Private?

You’ve got enough on your plate. Between donor reports, hybrid team meetings, and keeping programs running smoothly, the last thing you need is another tech fire to put out. But here’s a quiet truth that deserves your attention:

That AI chatbot you’re using to save time? It might be sharing more than you realize.

For nonprofits, which often deal with sensitive donor information, personal data, and vulnerable communities, understanding the risks behind these AI tools is more crucial than ever. Tools like ChatGPT, Microsoft Copilot, Google Gemini, and DeepSeek are brilliant assistants—but only if you understand their risks. And if your nonprofit handles donor information, health records, or community-sensitive data, the stakes are too high to ignore.

 

 

What AI Chatbots Are Doing with Your Data

Every time you type a message to a chatbot, you’re sharing more than words. You’re handing over insights—some of them private, some of them mission-critical.

Let’s make this simple:

  • ChatGPT collects your prompts and usage data. These can be used to improve services—and may be shared with vendors.

  • Google Gemini stores data for up to three years. Even deleted entries might linger in systems used to train AI.

  • Microsoft Copilot tracks browsing and app use, sometimes sharing with third parties.

  • DeepSeek, a newer platform, stores your chat history and typing patterns—on servers based in China.

Now ask yourself: Would you share that kind of access with a stranger?

For nonprofits handling sensitive donor information, financial data, or details of vulnerable communities, the stakes couldn’t be higher. A single breach could jeopardize trust, funding, and the very communities you aim to serve.

Why This Hits Nonprofits Harder

We’re not just protecting data—we’re protecting trust. That includes:

  • Donor relationships built over years

  • Client confidentiality in sensitive programs

  • Board confidence in your digital maturity

A breach doesn’t just cost money. It can cost your mission. And the grief of explaining it to a stakeholder who believed in you? That’s a weight no spreadsheet can carry. These risks aren’t hypothetical; they’re already happening. And as nonprofits adopt these tools without full knowledge of their implications, they unintentionally expose themselves to vulnerabilities that could take years to repair.

Real Risks, Real Consequences

Let’s name the fear so we can move through it:

  • Data breaches: In 2024, DeepSeek suffered a breach due to poor cloud configurations. If it can happen to them, it can happen to anyone.

  • Noncompliance fines: Canadian nonprofits must follow privacy laws like PIPEDA. Violating them—even unintentionally—can lead to legal action or lost funding.

  • Reputation damage: A leaked donor list can unravel years of relationship-building.

You don’t need panic. You need a plan.

5 Ways to Keep Your Nonprofit Safe While Using AI Tools

Here’s what matters. And what doesn’t:

Choose wisely: Stick with tools that let you control data retention. Ask about compliance with Canadian privacy standards.

Limit what you share: Never input names, financial info, or personal data unless the tool is vetted and encrypted.

Adopt a Zero-Trust model: Only authorized users should access AI platforms—and only for specific tasks.

Train your team: Most breaches come from small mistakes. Help your staff understand what not to type.

Review compliance regularly: Work with a local MSP familiar with PIPEDA, CRA, and nonprofit-specific needs.

Balancing Innovation and Security

Tech is supposed to make your life easier—not scarier.

If your AI tools are saving you time but keeping you up at night, something’s off. Let’s fix that, together. At our Managed service Company here in Vancouver, we specialize in helping nonprofits like yours feel confident, secure, and supported.

Want to assess your organization’s digital security? Start with a FREE Security Assessment today and ensure your nonprofit is safeguarded against modern cyber threats.

 

 

Microsoft Ends Free Licenses for Charities: What Nonprofits Must Know

If your charity uses Microsoft 365 Business Premium or Office 365 E1 through the Microsoft Donation Program (or via TechSoup), there’s a change coming you should know about: these donated licenses won’t be renewed going forward.
That means you’ll need to either switch to a different product or begin paying for the current one.

But don’t worry—you’re not being left in the lurch. We’re here to help you navigate the change and find the most cost-effective option that still meets your needs.

WHAT’S CHANGING?

Microsoft is phasing out these two grant-based offers. This means if your charity relies on them, they’ll disappear at your next renewal date after July 1. For example, if your donation license subscription expires in October 2026, you can continue to use your licenses until then. For many nonprofits in Vancouver, this could impact your daily work, email, file sharing, and team communication tools.

WHAT YOU’LL STILL GET FOR FREE

The good news? Microsoft will still offer up to 300 free licenses of Microsoft 365 Business Basic to eligible nonprofits.

This includes:

  • Web-based versions of Word, Excel, PowerPoint, and Outlook
  • Business email (50 GB inbox per person)
  • Microsoft Teams for communication
  • 1 TB of cloud storage per user
  • Online collaboration with SharePoint and Bookings

These tools are more than enough for many nonprofits—especially those with remote or hybrid teams who need reliable access from anywhere.

NEED MORE THAN THE BASICS?

If your team needs desktop apps or advanced security, Microsoft is offering a steep 75% discount on paid plans like Business Premium. That brings costs down to around $7.50 per user per month—still budget-friendly for most organizations.

What Should You Do Next?

  1. Check your renewal date – That’s when the change will hit.
  2. Make a list of what your team actually uses – Not every feature needs replacing.
  3. Talk to an IT support partner – Especially one who understands nonprofits and grant timelines.

 

❓ FREQUENTLY ASKED QUESTIONS ABOUT THE MICROSOFT 365 CHANGES

Will we lose access to our current files?
No. After your license expires, you’ll have 30 days of access to transition, followed by 60 days where your data is still recoverable. That’s 90 days total before anything is permanently deleted.

Can we upgrade later if we choose Business Basic now?
Yes. You can always switch to a paid plan like Business Premium later, if your team needs more features or security.

What if we have more than 300 users?
The free Business Basic plan covers up to 300 users. If you need more, Microsoft offers options that support larger teams. The Human IT Company can guide you through the process.

What’s the difference between Business Basic and Business Premium?

  • Business Basic gives you email, cloud storage, and online versions of Office apps.
  • Business Premium includes all that plus installed desktop apps and better security tools—ideal if your team handles sensitive data or needs full desktop access.

What happens if we don’t act in time?
You won’t lose your data immediately. There’s a 90-day window (30 days of access, 60 more days of retention). But acting early ensures a smooth, stress-free transition.

Can we mix free and discounted licenses?
Absolutely. Many charities use a mix—up to 300 free Business Basic seats and then add discounted Business Premium licenses for staff who need more features.

HOW WE CAN HELP

The Human IT Company specializes in IT support for Vancouver nonprofits and charities. That means we understand grant cycles, tight budgets, and how important it is to protect donor data. We can help you:

  • Understand your options and expiry dates
  • Transition smoothly to new Microsoft plans
  • Keep your team productive and connected
  • Avoid surprise costs or lost data
  • Get real answers—in plain English

Still not sure what to do? Don’t hesitate to call us. Let’s talk about how we can help you adapt gently and affordably. 

CONTACT US

Cybersecurity Myths Busted: How Nonprofits Can Stay Safe With Managed IT

In today’s tech-driven world, it’s easy to think we know how to stay safe online, but sometimes what we hear about cybersecurity isn’t entirely accurate. With so many myths floating around, it’s important to take a step back and look at the facts. We are here to clear up some of those misconceptions, so you can feel more confident about protecting yourself and your information. Let’s take a closer look at the truths behind these common myths.

Myth 1: Antivirus Software Is Enough to Keep You Safe

Many believe that antivirus software alone provides sufficient protection. While crucial, it’s not a complete solution. Hackers have become increasingly sophisticated, and cybersecurity requires a multi-layered defense. Beyond antivirus, charities and non-profits should adopt firewalls, regular updates, encryption, and safe browsing habits. Managed IT services can help maintain these critical defenses.

Myth 2: Public Wi-Fi Is Safe for Browsing

Public Wi-Fi in coffee shops, airports, or libraries is often unsecured, making it a prime target for hackers. Relying on it to handle sensitive donor information or communications is risky. Without a VPN, you risk exposing data to man-in-the-middle (MITM) attacks. A VPN encrypts your connection, ensuring your data remains safe, a vital step for any non-profit organization.

Myth 3: Hackers Only Target Big Companies

Smaller organizations, including non-profits, are often considered easier targets due to limited resources. Cybercriminals aim to exploit this vulnerability to steal donor information, hijack systems, or disrupt operations. Strong cybersecurity practices, supported by managed IT services, are essential to protect your organization’s reputation and mission.

Myth 4: Passwords Only Need to Be Complex, Not Long

Focusing solely on complexity isn’t enough-length is equally critical. A password like “CharitySupport123!” is stronger than something overly complex but short. For non-profits juggling multiple accounts, a password manager simplifies creating and storing unique, robust credentials.

Myth 5: If You Haven’t Been Hacked, You’re Safe

Assuming you’re secure because you haven’t been hacked yet is dangerous. Cyberattacks are often stealthy, and the damage can remain undetected for months. Regular IT support, system audits, and monitoring tools provided by managed IT services help identify vulnerabilities before it’s too late.

 

 

 

 

 

 

 

 

 

 

Myth 6: Security Updates Can Wait

Delaying updates leaves your systems exposed to known vulnerabilities. Non-profits must prioritize timely updates to software, operating systems, and apps. Managed IT services ensure these updates are installed promptly, keeping your cybersecurity robust.

 

Myth 7: Incognito Mode Keeps You Anonymous

Private browsing modes only prevent local devices from saving history—they don’t make you invisible online. Websites can still track you, and your Internet Service Provider (ISP) monitors your activity. Using a VPN enhances online privacy and is a smart choice for charities handling sensitive donor data.

Myth 8: Social Media Privacy Settings Keep You Safe

Even with strict privacy settings, your data may still be exposed through third-party apps or platform breaches. Non-profits should regularly review settings, limit what they share online, and educate team members on responsible social media use.

 

Conclusion

Cybersecurity myths can create dangerous blind spots. For non-profits and charities, staying informed and adopting managed IT services is key to protecting donor data, operational systems, and organizational integrity.

Let us help your organization stay secure while you focus on making an impact. Contact us today for reliable IT support tailored to your needs.

 

 

 

 

“Weak passwords are responsible for 80% of all data breaches. For nonprofits handling sensitive donor data and financial records, a single compromised password can lead to devastating consequences. Ensure that your passwords are strong, unique, and regularly updated.”

 

 

Is Your Nonprofit’s Login Secure?

 

Every May 1st, we observe Password Day, a time to reflect on one of the most critical aspects of cybersecurity. The protection of our digital identities. With cyberattacks happening every 39 seconds, and the average data breach costing $4.45 million, securing your passwords is essential, especially for nonprofit organizations and charities handling sensitive donor information.

For nonprofits, password security isn’t just about protecting data—it’s about safeguarding the trust of your supporters. These organizations are often underfunded, making them prime targets for cybercriminals.

 

WHY PASSWORD SECURITY MATTERS FOR NONPROFITS?

Your login credentials is the first line of defense against cybercriminals. Research shows that nearly half of people lack confidence in their password security. Weak passwords, such as those with 8 characters or less, are still far too common.

For charities and nonprofits, a compromised password could lead to breaches that expose donor data, financial records, and internal communications. The consequences can go beyond financial losses, potentially damaging your organization’s hard-earned reputation.

Build Stronger Logins: What You Need to Know

To protect your nonprofit or charity, follow these simple guidelines for creating secure logins:

  • Length matters: Aim for at least 12 characters, ideally 16 or more.
  • Use a mix: Combine uppercase and lowercase letters, numbers, and special characters.
  • Avoid personal details: Do not use easily guessable information like names or birthdays.
  • No patterns: Avoid using common sequences like “1234” or “abcd.”
  • Unique passwords: Ensure each account has a different password to prevent a breach from spreading across platforms.

For simplicity, use a password manager to generate and store complex passwords.

The Impact of Weak Passwords

Weak login protections can lead to severe consequences. Cybercriminals can:

  • Access sensitive information, such as donor details and financial records.
  • Steal funds or commit identity theft.
  • Launch attacks or hold data for ransom.

For nonprofits, these breaches can cause significant financial strain and erode donor trust. In 2019, 80% of data breaches were linked to compromised credentials, imagine the impact if a hacker accessed your donor database.

Easy Ways to Boost Login Security for Nonprofits:

  1. Enable Multi-Factor Authentication (MFA): MFA adds an extra layer of security to your passwords.
  2. Use a Password Manager: These tools securely store and generate unique passwords for every account.
  3. Educate Your Team: Regularly teach staff about best practices for password security.
  4. Update Passwords Regularly: Change passwords if you suspect any breach.
  5. Consider Identity Theft Protection: Monitor your organization’s information for suspicious activity.

HOW PASSWORD SECURITY SAVES RESOURCES

Good password security not only prevents data breaches but also saves time and money. Recovering from a breach can be costly, both financially and reputationally. By adopting strong password practices, nonprofits demonstrate responsible stewardship of sensitive information and reduce risks.

Additionally, strong password security minimizes disruptions, allowing team members to focus on their mission rather than on recovery from a breach.

Quick Cyber Hygiene Tips to Start Today

  • Test your passwords using a trusted checker.
  • Enable MFA on accounts that support it.
  • Start using a password manager.
  • Conduct a cybersecurity audit to identify vulnerabilities.
  • Share credential security tips with your team.

 

 

Upgrade Your Charity to Windows 11

 

With just six months left before Microsoft ends support for Windows 10, now is the time to take action. If you’re still using Windows 10, it’s crucial to understand that your computer could soon be exposed to security risks without the regular Windows 10 security updates. But don’t panic there are steps you can take right now to ensure your computer remains secure and functional.

Why Upgrade to Windows 11?

Upgrading to Windows 11 is essential for long-term security. Windows 11 includes improved security features that protect you from cyber threats like malware and hacking attempts. If you want your computer to stay safe and run smoothly, it’s time to make the jump to Windows 11.

 

Let Us Help

Here’s what you need to do to protect your device and stay ahead of the game.

Step 1: Upgrade to Windows 11 (If Your Computer Is Compatible)

Microsoft is offering a free upgrade to Windows 11 for eligible PCs, and this is your best option for staying secure after Windows 10 support ends on October 14. However, not every computer can handle the upgrade, so the first thing you need to do is check whether your device is compatible.

How to Check Compatibility

To see if your PC is eligible for Windows 11, follow these simple steps:

  1. Open the Start menu and click on Settings.
  2. Go to Update & Security and click Check for Updates.
  3. If your device is eligible, you’ll see an option to upgrade to Windows 11.

If you’re not sure, you can also download the PC Health Check tool from Microsoft’s website, which will tell you if your computer meets the necessary requirements.

 

Step 2: What to Do If Your Computer Isn’t Compatible with Windows 11

If your PC doesn’t meet the requirements for Windows 11, don’t worry — you still have options.

Option 1: Upgrade Your Hardware

If your current computer is outdated, this might be the right time to invest in a new device. Modern computers come with the latest technology, faster processors, and better cybersecurity features. Plus, you’ll be set for years to come.

Option 2: Extended Support for Windows 10 (LTSB Version)

For those who aren’t ready for a new device, Microsoft offers extended support for Windows 10 through the Long-Term Servicing Branch (LTSB). This option allows you to continue receiving security updates for a longer period, but it’s not a free solution. It’s ideal for users who need to stick with Windows 10 temporarily.

 

Step 3: Be Prepared To Upgrade Your Charity to Windows 11

Whether you’re moving to Windows 11, upgrading your hardware, or opting for extended support for Windows 10, preparation is key. Here’s what you should do:

  • Backup Your Data: Before making any changes, save your important files, photos, and documents to an external drive or cloud storage.
  • Check Software Compatibility: If you use specific programs for work or personal tasks, make sure they’ll work on the new system.

Ask for Help If Needed: If this process feels overwhelming, don’t hesitate to ask a friend, or Vancouver IT support company for assistance. There’s nothing wrong with seeking help.

 

Step 4: Don’t Wait: upgrade your charity or non-profit to Windows 11

It’s important to remember that updating your system isn’t just about keeping up with technology trends. It’s about ensuring your peace of mind. A secure, updated system means you’re protecting not only your files but also your day-to-day operations. Imagine the frustration of a data breach or the downtime caused by outdated software, it’s a scenario no one wants to face.

Waiting until the last minute can lead to unnecessary stress and risks. By acting now, you’re ensuring your computer stays secure and functional as Windows 10 reaches its end of support. If your system is ready for Windows 11, take advantage of the free upgrade today. If not, explore your options to ensure your organization remains safe and operational.

 

Step 5: Need Help Upgrading your nonprofit or charity to Windows 11?

Technology doesn’t have to be intimidating. If you’re unsure about where to start or worried about making mistakes, you’re not alone. Many users feel overwhelmed by technical changes, but small steps like checking your compatibility or backing up your data can make all the difference. Let us help you take the right steps.

If you feel unsure, reach out to your IT services provider for assistance. At The Human IT Company, we’re here to support you every step of the way. Contact us today with any questions or concerns, because upgrading to Windows 11 is easy when you have the right guidance.

“With just six months until Microsoft ends support for Windows 10, now is the time to take action. Upgrade to Windows 11 or explore secure alternatives to protect your data and stay ahead of cybersecurity risks.”

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

“End of support doesn’t mean the end of your computer — but it can mean the start of serious risks. A quick (and potentially free) update today can save your charity from big headaches tomorrow.”

Why the End of Windows 10 Support Matters For Charities

On October 14, 2025, Microsoft will officially end support for Windows 10. This marks the end of regular security updates and software fixes for millions of devices still running this popular operating system. If you’re still using Windows 10, it’s crucial to plan ahead by upgrading to Windows 11 or exploring other secure options.

If the thought of updating your computer or learning about “end of support” makes you feel nervous, you’re not alone. Technology can be confusing, and terms like “security updates” and “vulnerabilities” might sound overwhelming. But don’t worry, this is much simpler than it seems. Let’s break it down in plain language so you can protect your computer and your data safe.

Why Do Some People Ignore Updates?

You’re not alone if you’ve ever skipped an update or thought, “I’ll deal with it later.” Here’s why that happens:

Fear of Change:
Moving to a new system can feel daunting, especially if your team is used to the current setup. But updates often bring improved security and efficiency, making tasks easier in the long run.

Everything Seems Fine:
If your system is working fine, it’s easy to assume there’s no need to update. However, outdated systems are more vulnerable to cybersecurity risks, putting your data at risk.

Not Sure How to Update:
Many people aren’t sure how to handle updates. The good news is that updating is simple, and we’re here to guide you through it!

Uncertainty About the Benefits:
Updates often come with descriptions like “performance improvements” or “bug fixes,” which can sound vague or unimportant. Without a clear understanding of the benefits, it’s tempting to assume the update can wait.

Misconceptions About Importance:
It’s common to think of updates as optional or “nice-to-have.” However, many updates are critical, especially when they include security patches that protect your data and devices.

What Does “End of Support” Even Mean?

When Microsoft says it’s ending support for Windows 10, it means they will no longer provide security updates or bug fixes. While your computer will still work, it will become more vulnerable to threats. Think of updates like a security lock on your door, without them, your system becomes an easy target for cybercriminals.

Why Does This Matter?
When your systems stop receiving updates, your organization becomes more vulnerable to data breaches and other risks. Here’s why keeping everything up to date is essential:

Lack of Support: Without updates, your computer may not function as well over time. It’s like driving a car without regular maintenance eventually, it might not run as smoothly.

Keeping Things Secure: Updates help protect the information you rely on every day. If your system isn’t updated, there’s a greater chance your important data could be exposed.

Staying Up to Date: Updates also help your computer stay compatible with the latest tools and software. Without them, your system might struggle to keep up, just like trying to use an old version of an app that no longer works well.

What Should You Do?

Before upgrading to Windows 11, take the time to evaluate your organization’s specific needs. Make a checklist that includes assessing your software compatibility, ensuring that your critical tools and applications will work seamlessly on the new system. This proactive step can prevent unexpected disruptions during the upgrade process.

Here’s a simple, actionable plan to get started:

Step 1 Check Your Windows Version:
If you’re using Windows 10, it’s easy to check which version you’re running and see if you’re up to date. Simply search for “Check for Updates” in your computer’s settings, and it will show you whether your system is fully updated. 

Step 2: Upgrade to Windows 11 (If You Can)

Is your system ready for Windows 11? Find out more about upgrading and whether your device is compatible. We’re here to help make this transition as smooth as possible! Your IT support provider should be able to help you with this very easily, and very quickly.

What If You Do Nothing?

While it may feel like a small problem now, the consequences of not updating your computer can be serious. Data breaches, privacy violations, and financial theft are real threats that could harm your business’s reputation and the people you serve. These are risks you can’t afford to ignore, especially when simple, free updates can prevent these issues from happening.

Why You Should Act Now

Spending a few minutes to update your system or plan an upgrade from Windows 10 to Windows 11 can save your nonprofit from significant challenges in the future. This small step now helps secure your sensitive data, safeguards against cybersecurity risks, and ensures your organization avoids costly data breaches or operational disruptions. Technology doesn’t have to be scary. If you’re unsure about how to update or need assistance, don’t hesitate to reach out. The Human IT Company is here to help.