Most third sector organisations risk online data theft or leaks because of poor IT security, according to a report from the Nominet Trust, a charity that supports increased internet access.
The report, Charities’ Use of the Internet, written for the trust by the academics Eleanor Burt of St Andrews University and Professor John Taylor of Nottingham and Glasgow Caledonian universities, was published today.
It says "the majority of third sector organisations may be sitting on the cusp of ‘the perfect storm’ in respect of data security".
Increased use of cloud computing, gathering of large quantities of data including personal information, data-sharing with other organisations and a growing trend for criminals to attack soft targets all put charities at increased threat of online theft and attack, the report says.
It says data security is crucial for charities because many have to keep service users’ details confidential and capture significant amounts of data about their supporters and donors.
The report says most charities use a "relatively basic" level of online technology but will be forced to adapt as the public makes greater use of these tools. Others, however, are more advanced, using "crowdsourcing" to raise funds and find volunteers, it says.
Dan Sutch, head of development research at the Nominet Trust, said charities were aware of the need to improve data security.
"They need to be aware of where and how their data is being stored and who has access to it," he said.
Smaller organisations could find bigger ones to help them improve their data security, said Sutch, or umbrella groups such as the NCVO could provide advice. Funders should pay for security measures, he added.