Every Association has them…volunteers! We can’t live without them, but did you know that volunteers can increase your Association’s cybersecurity risks?
Let me explain further…
In Workplace laws, the responsibilities of an organisation to a volunteer are no different from their obligations to a paid employee. Yet, most Associations treat employees differently from a volunteer in so many ways.
The table below shows the differences I often see in Associations that could impact cybersecurity:
How to reduce the cybersecurity risks caused by Volunteers?
The above table shows that cybersecurity risks can actually be higher with volunteers than employees, due to the way that they are managed.
So, how can Associations manage these cybersecurity risks caused by volunteers better?
The simple answer would be to treat volunteers as much like employees as you can.
This means that volunteers should be participating in formal onboarding and termination processes. This includes regular training and signing policy documents, where relevant.
And while you won’t provide everyone with new Association-owned laptops, you can consider how to control and share information more safely, like through a Board Portal or a Volunteer Management System.
Final Thoughts
Volunteers are an important part of every Association, and yet they can also be your organisation’s greatest risk when it comes to cybersecurity.
If you treat them more like the way you treat paid employees, you’ll reduce this risk.
I regularly help Not for Profits with making strategic IT investments and managing cybersecurity risks. Let me know if you need some help.
P.S. If you found this article helpful, you might want to read these too:
- Is your Not for Profit compliant with the Privacy Act changes?
- Why cybersecurity is making it riskier to be NFP Executives & Directors
Tammy Ven Dange is a former charity CEO, Association President, Not for Profit Board Member and IT Executive. Today, she helps NFPs with strategic IT decisions, especially around investments.
