We use cookies to help us provide you with the best experience, improve and tailor our services, and carry out our marketing activities. For more information, including how to manage your cookie settings, see our privacy notice.


Skip to content. | Skip to navigation

Covid-19 update: Government guidance changed on 19 July 2021 - we're currently updating our information in response to this. In the meantime, visit the government's guidance on lifting restrictions.

Community-made content which you can improve Case study from our community

How to protect your charity's IT systems

As a charitable organisation you’re constantly dealing with the sensitive information and data of your most precious asset - your supporters, members or donors. Their personal details and donations could be at risk if you don’t suitably protect your computers. There is a bewildering array of malicious software out there: from worms to Trojans and phishing. These often masquerade as trustworthy web sites, but all to trick you and acquire your sensitive information.

According to security experts Get protected – despite the threats, many charities do not secure themselves properly, which obviously could result in a breach of security, loss of data or just wasted time as you try to recover the situation. 

There are ways to safely store the information your charity holds, covered in this article, but what about software that can protect your PCs? The following steps will help you take precautions.

Things you'll need

  • Your computers - running Windows, Apple iOS or Linux.

Install anti-virus software

  • It is the job of your anti-virus software to keep track of the latest security problems and shield you from their effects. It should detect known viruses on your computer and eliminate them. In some cases it will also stop viruses getting on to your machine.
  • Windows Defender is built into the latest Windows operating system, but there are also many well respected anti-virus software packages available.
  • Symantec and BitDefender are available at heavily discounted prices for charities from Technology Trust. AVG and Avast are free for personal use, with discounted rates for charities. They all have different strengths and weaknesses. Look at reviews and ask for up-to-date expert advice.
  • Clamwin is an open source free virus killer which can be used at home or in the office free of charge.

If you already have anti-virus software on your computer you should NOT install a new program before you uninstall the old one. Rather than doubling your protection, the one is very likely to treat the other as hostile and cause problems.

Many charities can set their anti-virus or spyware software to scan the internet more frequently – hourly in some cases – for new threats, or download security patches more regularly. Others set their anti-virus software to protect their web gateways, often forgotten, as well as email.


Keep your system up to date

  • If your Operating System is not updated regularly it will not be able to protect your computer from the latest security threats. Anti-virus software may not prevent this, so you must keep system files up to date too.
  • The Windows Update feature should be enabled by default which will work in the background to download and install updates at a suitable time when you know the computer is on, but not in use. Devices running Apple IOS and Linux have similar features. Don't skip applying these updates when the operating system asks to download them.
  • Often a restart will be required for the updates to take effect.
  • Also allow programs or apps (such as your Office Suite) which run on your computer or device to be updated when requested.

Install Spybot and Ad-aware

You can tackle almost all spyware or malware by installing specialist software on your computer, much of which is free and relatively easy to install and keep up to date.

  • Alternatives to Spybot include Windows Defender, which is part of the latest Windows operating systems. Makers of popular anti-virus software such as Bitdefender and Symantec also have anti-spyware products which you can pay for (although at a discounted rate for charities via Technology Trust).

NOTE: Always back-up your data before installing anything new; these sites are safe but it is a good policy to adopt.



Firewalls also prevent threats from reaching PCs. These prevent software installed on a PC from communicating with the internet unless specifically allowed to. This stops software containing malware from broadcasting personal information to hackers over the internet.

Firewalls come in two varieties: hardware that might be incorporated into your router or internet modem; and software. Experts recommend running both because some laptops can be used away from the office hardware firewall.


Block pop-ups

  • When using a browser such as Firefox or Edge to access the internet you may notice that lots of small windows "pop up" over the page you’re visiting – containing anything from promotional material to obscene material. These may be distracting, confusing or offensive, but if you click on them they can also download hidden malware such as viruses and spyware.
  • Pop-up blockers block these extra browser windows and the latest version of most browsers now contain one, including Microsoft Internet Explorer, Safari and Firefox. Google also offers a reliable pop-up blocker that is easy to install and use. It adds a toolbar to the top of your browser window and comes with access to other Google tools such as a news reader.

Working away from the office

As a modern, accommodating organisation; you more than likely have many volunteers, employees working from home or out in the field, whose computers are much harder to protect from hackers and malware. However it is as important to take precautions on these computers too.

If staff are using their own PC ensure they follow these guidelines to protect it and ask them to sign an Acceptable Use policy. 

Ask users to set strong Usernames and Passwords including use of special characters (e.g. £ $ ! symbols) for sites they access and consider encryption of files as an extra precaution should a device get lost or stolen. Websites should not allow an unlimited number of attempts to enter usernames and passwords. 

Be aware of connecting to untrusted or unsecured WiFi networks (e.g. in Cafes) which could open up your computers to attacks or expose data transferred to the Internet.  

Some organisations may issue employees with a key, a key ring or card which displays a security number that changes every 60 seconds on an electronic display. As well as entering a password and username, a remote user must submit that security number to verify who they are.

Further information

NCVO’s Trusted Suppliers Phoenix Software and Pugh provide tips to help you prevent an attack and information on ransomware. They offer discounts to NCVO members on security software to ensure your organisation is protected against potential virus, security or ransomware attacks. 


Page last edited Aug 12, 2019 History

Help us to improve this page – give us feedback.