The Home of the Security Bloggers Network
Home » Security Boulevard (Original) »
Tomorrow, November 30, is Giving Tuesday, a day of emphasis on charitable giving both by individuals and organizations and enterprises. The Giving Tuesday movement came into being in 2012 to encourage generosity and charitable giving year-round; the Tuesday after the U.S. Thanksgiving holiday is officially designated Giving Tuesday. You’ve no doubt encountered myriad nonprofit organizations clamoring for your donated dollars. In 2020, Americans contributed more than $471 billion to charities, according to the Giving USA Foundation’s annual report on philanthropy.
Corporations both large and small encourage philanthropy through individual corporate payroll deduction programs or through their corporate foundations. Similarly, consumers are invited to donate to causes identified by their local television station, at the grocery checkout (round your purchase up to the next dollar in support of a given charity) and online vendors. Then there are the vendors and service providers who make their chosen cause part of their marketing program, where a percentage of every dollar goes to an identified charity.
Large organizations have the resources to enable a payroll deduction program through which employees may designate a portion of their paychecks for charitable giving. These employers are willing to eat the opex associated with such systems and task personnel to research charities and then coordinate the collection and distribution of donations. Smaller companies, (less than 1000 employees) however, often find this approach to be both too costly and burdensome.
And, as with any corporate software-enabled solution, there are security concerns.
CISOs would be well served to look to SaaS products that handle the bookkeeping, collection, research and designation of charitable giving and permit corporate and employee participation in lieu of building bespoke technology paths to satisfy their employees’ desire to participate in the corporate philanthropic vision.
According to Gideon Taub, founder and CEO of Pinkaloo Technologies and EVP of emerging markets at RenPSG, 82% of employees want to participate in philanthropic giving, specifically online giving. But, he added, the lack of a centralized capability and associated resources have been constant points of friction. These types of SaaS platforms should be frictionless, able to integrate seamlessly within the existing corporate infrastructure and allow employees to control where their donations are going while readily offering the due diligence required, Taub said. He added that making an individual’s giving account readily available for distribution by an employee or customer and providing the backroom documentation of the charitable transaction can make the process pain-free. Companies of all sizes would benefit by receiving technological guidance in implementing such a SaaS platform, he argued.
A SaaS solution is attractive both from an opex perspective as well as for safety and security reasons. Employers that offer a secure means to facilitate corporate giving can drastically reduce much of the cybercrime risk posed through various charity scams as identified by the AARP and FBI.
As attractive as Giving Tuesday is for both charities and donors, it is equally as attractive for the cybercriminal. The criminals have all year to plan how they are going to entice you to push your dollars toward their version of your designated charity. For this reason, CISOs would be well advised to push out a reminder to their supported workforce to be wary of unsolicited emails from charities asking for an unusual payment method.
The AARP consistently warns their membership, predominately senior citizens, to be wary of faux fundraising for legitimate causes such as disaster relief, veterans and hunger. They go on to urge that donors become familiar with Charity Navigator and Charity Watchdog in order to conduct due diligence on a charity. Their guidance advises consumers to “keep a record of your donations and regularly review/your credit card account to make sure you weren’t charged more than you agreed to give.”
The FBI notes an uptick in charity scams and offers similar advice to that of the AARP:
Companies and individuals should be deliberate in their creation of philanthropic giving programs for employees, make sure they are both secure and remove any friction present in these solutions. In doing so the employer, the employee and the charity all benefit.
Christopher Burgess (@burgessct) is a writer, speaker and commentator on security issues. He is a former Senior Security Advisor to Cisco and served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit: Senior Online Safety.
burgesschristopher has 150 posts and counting.See all posts by burgesschristopher
The Home of the Security Bloggers Network