Blog February 2020

Cyber Security - Knowledge is Power!

Unfortunately, cyber security attacks are occurring more and more. It doesn’t matter the size of your organization – you have to make sure you are doing everything you can to keep it safeguarded. Association professionals – be sure to protect your data, your network, and your customer information.
Employees must consistently follow basic practices to be compliant in protecting their company and its data.

Here are several tips and suggestions that organizations can use, and that we use at McKenna Management, to help keep our business, and our client associations, protected from attack. Every member of an organization is responsible for security. It is important to take the time to educate staff and make security part of your culture.


Keep software up-to-date.No matter what operating system, browser or other software you use, keep it up to date. Set it to update automatically so you don’t leave your system vulnerable to hackers.

Back up your files.No system is completely secure. Create offline backups of important files. That way, if your computer is compromised, you’ll still have access to your files.

Use strong passwords.The longer the better – at least 12 characters. Mix numbers, symbols, and capital letters into the middle of the password, not at the beginning or end. The more complex the better. Don’t use patterns to lengthen a password. Never use the same password for more than one account, or for personal and business accounts. If you write them down, lock them up. Consider using a password manager, an easy-to-access application that allows you to store all your valuable password information in one place. Don’t share passwords on the phone, in texts or by email.

Password protect all your devices.If you access your business network from an app on your phone or other device use a strong password for the app, too.

Don’t leave your laptop, phone or other devices unattended in public.They may contain sensitive information – and they’re costly to replace. If they go missing, the information stored on them may fall into the hands of an identity thief.


Protect account information.Every timesomeone asks for business information – whether in an email, text, phone call or online form – think about whether you can really trust the request. Scammers will say or do anything, or pretend to be anyone, to get account numbers, credit card numbers, Social Security numbers or other credentials. Scammers will say the request is urgent and pressure or threaten you to get you to give up company information.

Only give sensitive information over encrypted websites.If your company is banking or buying online, stick to sites that use encryption to protect your information as it travels from your computer to their server. Look forhttps at the beginning of the web address in the address bar of your browser. Look for https on every page of the site you’re on, not just where you log in.


If you’re on the go, Wi-Fi hotspots in coffee shops, libraries, airports, hotels, and other public places are convenient – but often they’re not secure. In fact, if a network doesn’t require a WPA2 password (a password to connect to the wireless network), it’s probably not secure. To protect your information when using wireless hotspots, send information only to websites that are fully encrypted – look forhttps on every page. And avoid using mobile apps that require sharing personal or financial information over public Wi-Fi.

These fundamentals are inexpensive and are the very minimum that your organization can implement to receive the maximum benefit. Effective cyber security requires total participation – it’s a team effort. Many users do not implement these basic procedures because they assume additional security controls will complicate usability and interfere with efficiency. To truly protect your assets, your organization must work towards proactive risk management rather than reactive compliance. 

Karen Murphy is Administrative Manager at McKenna Management, Inc., an association management company based in Westford, Massachusetts.