A Beginner’s Guide to Nonprofit Website Security

Tell me if this is true for you:

You know that if you had a little more tech knowledge in your toolbox, you’d be able to…

  • work faster,
  • troubleshoot on your own or
  • choose the best solution.

You’re in good company.

Most of us don’t have formal training in websites. (My degree is in political science.)

We’re just teaching ourselves what we can, when we can, as best we can.

I’m here to help you learn the tech skills that can help you work faster, troubleshoot on your own or choose the best solution.

In today’s resource, I’m teaching you core principles that you need to understand about website security.

A nonprofit guide to website security

Thou shall transmit thy data securely

Search engines, content management systems and social media platforms all want your website to use HTTPS.

In a couple of years, you won’t even have a choice. Your website will have to be HTTPS.

What’s HTTPS? It’s a method of transmitting information to/from your website users via a secure connection.

For example, if I enter my name and email address to subscribe to your email list, my information will be transmitted securely if your website uses HTTPS.

Start here: Your website is not finished. You forgot HTTPS. →

Thou shall keep thy software updated

Keeping your website software updated feels kinda like brushing your teeth – tedious.

It’s also the best way to avoid both small tech headaches, like forms that stop working, and large tech headaches, like a hacked site.

Learn the why and the how: A Guide for Accidental Techies: Updating Website Software →

Thou shall choose a high-quality web host

Most of the “Oh no, our website is down/hacked” emergencies that I’ve come across with nonprofits were caused by a low quality host.

Investing in a good web host can feel like a burden, but believe me, a good web host will save you and your organization when an emergency arises.

My recommendations for choosing a web host: The One Website Cost Your Organization Can’t Afford to Skimp On →

Thou shall have a strong password

What makes password “strong”?

  • Lots of characters, usually more than 8, but I aim for more than 12
  • Includes a combination of uppercase, lowercase, numbers, symbols
  • Changes every 3 to 6 months

Need help getting started with a strong password? Here’s the recipe I like to use over at Random.org

Thou shall not share thy login information

If you have a tangle of user accounts and permission levels for your website, you’re not alone. Many nonprofits are in the same boat.

Keep your setup tidy by following these three guidelines:

  • Every user has her own account…
  • With just the permissions she needs, and no more
  • Close accounts promptly when staff/interns/volunteers leave

Thou shall have a backup

Even the most seasoned web professionals have a safety net – a backup of the website.

Do you have an automated backup system in place for your website?

If not, watch my tutorial for WordPress websites: Learn How to Backup Your Website →

Thou shall subscribe to SmartCause Digital email updates

Ready to add digital skills to your resumé? Make sure you’re subscribed to SmartCause Digital Updates. You’ll receive helpful resources, just like this one, to help you transform your website and transform your career.

yesenia sotelo

About Yesenia Sotelo

Yesenia Sotelo is a digital skills teacher and web developer.

She elevates ambitious nonprofit professionals by teaching them how to use the technology tools of modern marketing.

Yesenia can teach you how to use website analytics or improve your online marketing results.

Her SmartCause Method for building websites is especially designed for the way nonprofits collaborate, make decisions and grow.

She won the Lifetime Achievement Award from the Nonprofit Technology Network (NTEN) for her work teaching digital skills to nonprofit professionals.