Protect Your Organization from Email Scams

A few years ago, Demosphere posted about the topic of Email Scams and how to protect yourself. This issue has recently re-surfaced with a few of our clients reporting being the victim of email scams.

In one recent situation, the scam involved an email being sent “from” the President of the Club to the Club’s Treasurer, asking for money to be wired into a specific bank account. Unfortunately, the wire transfer was processed and the money has thus vanished from the Club. Local authorities are working to uncover the source, however it’s improbable that the funds will ever be recovered.

These situations are real and it’s important to learn what you can do to prevent them. Below are some recommendations to help protect the Demosphere community:data privacy

  • Keep passwords secure:  It’s important to keep your passwords safe to avoid unauthorized use of your accounts. Check out our previous post for some tips on managing password security.
  • Verify all financial transactions: If someone in your organization asks you to transfer funds, always question and verify the validity of the request first. In this case it truly is better to be safe than sorry.
  • Don’t post personal email address on your public website: Demosphere recommends using one generic contact email address for your organization on your public website, such as info@example.com. Keep board member, administrative and coaching staff emails private.
    • Demosphere’s WebWriter® CMS  product allows you to create protected content pages, so you can ensure your members have access to the info they need, without exposing your organization to potential phishing scams.Data Privacy
  • Protect your member data: Be sure to review the Privacy Policy of your database provider(s) to ensure contact info, such as email address, are kept private and secure.
    • Part of Demosphere’s mission is to maintain an ethical approach to data privacy to protect the privacy of the children and volunteers in our youth sports community.

Have you had a related experience? Post a comment below and let the Demosphere Community know what to watch out for!

Data Security Q&A With Demosphere

Demosphere has managed membership lists since the Company was founded over 25 years ago – and security has always been a top priority.

To keep our clients informed about their data security, we answered some of the most asked questions in regards to our security practices!

 

1. When registrants put in their personal information, is it safe?

SSLDemosphere’s security policy is based on a fundamental obligation to protect client data. We use SSL/TLS security to encrypt all data sent between registrants and our servers.

Data on our servers is protected by multiple firewalls, access control list, and encrypted keys to control access. Additionally, our servers are scanned at regular intervals for new potential security threats.

2. Who is responsible for protecting my information?

Our systems are managed by in-house experts in data security and maintenance of personally identifiable information. The system is structured to minimize the chance of non­-professional users compromising an individual’s privacy or identity.

Our experts analyze how data is collected, stored, backed­ up, copied, summarized, reported, edited, and sent to other parties with respect to maintaining the accuracy, confidentiality, privacy, and integrity of the data files.

3. Is my information being stored in a secure location?

Demosphere’s entire network is housed in one of the largest secure facilities dedicated to server hosting, a principal hub of technological expertise on the Internet. Physical security is maintained by 24­-hour guards and alarm systems. Electricity, air conditioning, and connectivity to the Internet are maintained by redundant, highly available systems.

4. How often are you checking for security breaches?

Monitoring is performed continually on every server, from both inside and outside the Demosphere network, on multiple protocols. These checks confirm that each server is running & functioning properly. Every three minutes, monitors check the servers and if any exceptional situation is detected, a message with the exact problem is sent to our technical staff, 24x7x365.

PCI-compliant5. Are my payments secure?

Demosphere is PCI-Compliant. What does this mean for you? It means that Demosphere holds compliance with credit card security standards and can process payments securely online. Monthly audits are performed to confirm ongoing compliance.

6. Is my data being shared with any outside parties?

At Demosphere, we do not use, share or sell any registrant data from our systems for any purpose. All data collected by your organization is yours – you retain ownership – we just store it securely on your behalf.

Our reputation is of paramount importance to our success – Demosphere designs and deploys the most reliable and secure network infrastructure to keep every client as a positive reference. 

If you have a question about our security policy that you’d like to ask a Demosphere Representative, reach out to our Support Team at support @ blog.demosphere.com!

Protect Your Club Against Embezzlement

robberAt least once each year, new stories emerge of youth sports organizations facing difficult times following the actions of dishonest individuals.

A Hastings, Minnesota man was charged with five counts of felony theft after being accused of taking $113,000 from a youth sports league in 2013.

Trenton, New Jersey witnessed a former Pop Warner volunteer be sentenced to 27 months in prison after a wire fraud conviction in 2014 – his restitution totaling $560,000.

Most recently, in 2015, a Spokane, Washington man pled guilty to second degree theft charges and is serving jail time after stealing more than $100,000 from his child’s soccer organization.

While there may not be one perfect solution, there are a handful of small, inexpensive measures that can be taken to prevent incidents from happening in the future.

Separation of Duties

A simple way to create an obstacle against theft is to set up a separation of duties within the organization. For example, one individual is responsible for ordering items, while a second individual is responsible for completing the invoice for those items.

For any club expenses, require two authorized club administrators to sign the check to ensure the payment is legitimate.

Even in small organizations where separating duties might not be a possibility, volunteers should make their accounting records as transparent as possible so other interested members can check the finances at any time.

Hire A Professional

Especially in volunteer-based organizations, administrators aren’t likely to be expert accountants. Bringing in an outside company to review the yearly figures will raise any potential red flags that require further analysis.

Limit Terms

Set limitations on each position within your organization so an individual is not able to remain in the same seat indefinitely. Knowing that a new election is occurring annually and a fresh set of eyes will be going over the financials can be enough to deter theft.

Small steps such as these can help deter a potential threat to your organization’s finances and create roadblocks to catch an attempted theft. What other tactics have proven helpful in your organization?

 

What To Look For In Your Privacy Policy

As an administrator, you’re responsible for keeping your organization safe. But how much do you really know about how your providers are using your members’ data?

Demosphere has created the following tutorial to help protect your organization’s sensitive information:

Need some help finding how your provider is using your organization’s data?

Find your privacy policy below!

For more information on what to look for in Privacy Policies and other helpful tips to keep your organization protected, reference the Safety Center in the Demosphere Blog!

Safety Center

Demosphere’s Safety Center has compiled various webinars, research, and articles to help protect your organization’s sensitive information.

Choose from the two available categories below: Provider Security and Organization-wide Security

 

[one_third]Provider[/one_third]
[two_third_last]

Choose from the list of Provider Security resources below to learn more about the important factors you should consider when evaluating service providers:

[/two_third_last]

[one_third][button link=”http://blog.demosphere.com/2013/02/is-free-really-free/” size=”medium”]

Perils of ‘Free’ Solutions
[/button][/one_third]
[two_third_last]Perils of ‘Free’ Solutions
There are a few important things to keep in mind when evaluating online services, especially when you hear the word “free”. Watch out for Privacy Policies, Content Usage, and Support.[/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/2015/07/privacy-policy-info/” size=”medium”]

Checking Your Privacy Policy
[/button][/one_third]
[two_third_last]What’s In Your Privacy Policy
How much do you really know about how your providers are using your members’ data? Demosphere has created the following tutorial to help protect your organization’s sensitive information.[/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/2013/07/data-shared/” size=”medium”]

Demosphere Data Usage
[/button][/one_third]
[two_third_last]Demosphere Data Usage
Wondering how your data is being shared if you’re using a Demosphere system? Demosphere answers the question “How is my data being used?”[/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/security/” size=”medium”]

Data Security Information
[/button][/one_third]
[two_third_last]Data Security Information
Demosphere’s security policy is based on a fundamental obligation to protect membership lists and sensitive information. Read about Demosphere’s Off-Site Hosting, SSL Encryption, Secure Coding and more.[/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/2016/03/data-security-questions/” size=”medium”]

Demosphere Security Q&A
[/button][/one_third]
[two_third_last]Q&A With Demosphere About Security
To keep our clients informed about their data security, we answered some of the most asked questions in regards to our security practices![/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/privacy-policy/” size=”medium”]

Demosphere’s Privacy Policy
[/button][/one_third]
[two_third_last]Demosphere’s Privacy Policy
Read the details yourself in Demosphere’s Privacy Policy to see exactly how your organization’s information is being used.[/two_third_last]
[divider_padding]

[one_third]Org-wide[/one_third]
[two_third_last]

Read up on what you can do to protect your organization and keep your sensitive data safe in the Organization-wide Security list:

[/two_third_last]
[one_third][button link=”http://blog.demosphere.com/2015/03/privacy-best-practices/” size=”medium”]

Keeping Your Organization Safe
[/button][/one_third]
[two_third_last]Keeping Your Organization Safe
As an administrator you have a responsibility to protect the data of your players and their parents. It’s time to get serious and vigilantly take matters into your own hands when it comes to preparing yourself for potential issues. This blog talks Privacy Policy, In-Office Security, Background Checks, Chargebacks, And User Protection. [/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/2015/07/take-your-privacy-back/” size=”medium”]

Take Your Privacy Back
[/button][/one_third]
[two_third_last]Take Your Privacy Back
If your privacy policy contains statements about data sharing with outside partners or vendors, be wary of where your members’ information is being sent for your provider’s own financial gain. It’s time to protect your organization’s privacy and take the power back into your own hands![/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/maximize/club-data-management/” size=”medium”]

Effective Data Management
[/button][/one_third]
[two_third_last]Effective Data Management
A serious data breach could put the organization out of business – either legally (via lawsuit) or because parents aren’t comfortable with you holding their information. The following Maximize Demosphere webinar talked about how to protect your organization with Privacy Policies, In-Office Security, and Individual Security[/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/2013/07/youth-sports-privacy-policy/” size=”medium”]

Create Your Privacy Policy
[/button][/one_third]
[two_third_last]Create Your Privacy Policy
To be safe and smart, your organization needs a Privacy Policy to explain exactly how data will be used. The following blog posts discusses what items to include when creating your policy.[/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/2011/08/password-security-tips/” size=”medium”]

Password Security Tips
[/button][/one_third]
[two_third_last]Password Security Tips
People use passwords for just about everything online.The security of these password cannot be underestimated. Often times, users use extremely easy passwords (think ‘temp’) that can be compromised without much effort.[/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/2013/01/email-scams/” size=”medium”]

Protect Against Scams
[/button][/one_third]
[two_third_last]Protect Against Scams
The two most common online security vulnerabilities within youth sports organizations concern registration systems and email accounts. In both cases, the password used to access these areas is of utmost importance.[/two_third_last]
[divider_padding]

[one_third][button link=”http://blog.demosphere.com/2015/09/field-safety-preparation/” size=”medium”]

Create An Emergency Plan
[/button][/one_third]
[two_third_last]Create An Emergency Plan
Whether gathered in a professional stadium or watching from your school’s gymnasium, it’s better to be safe than sorry when it comes to having a prepared plan for all possible events.[/two_third_last]
[divider_padding]

For more information and tips regarding online security reach out to Demosphere at support @ blog.demosphere.com.