2020 has been a tumultuous year for nonprofit data security. As all NPOs have become data-driven, thousands have announced data breaches as millions of donor data records have been compromised, this year alone. At Gravyty, we pride ourselves on using the very best technologies available to solve nonprofit organizations’ largest challenges. That’s why expanded our AI platform to directly address nonprofit donor data security.
We released Gravyty Guard to protect the well-intentioned development professionals, who handle sensitive donor data every day, from becoming the source of unintentional and malicious data breaches.
A shocking 85% of data breaches are a result of mistakes, which could be as small as trusting auto-suggest to fill in an email address. By focusing on what is known as human layer security, Gravyty Guard protects against the vulnerabilities that will define the next decade in the nonprofit sector.
4 Ways to Learn About Nonprofit Data Security Risks & Gravyty Guard
- Join Gravyty for a special webinar, Data Security for Nonprofits on Tuesday, October 20 at 2:30 pm ET | 11:30 am PT
- Schedule a free, personalized Gravyty Data Security Health Score and demo of Gravyty Guard
- Register for the Gravyty Nonprofit Data Security Summit, the first summit to specifically address data security for NPOs
- Read our full press release below.
Gravyty Launches Gravyty Guard the First Data Security Solution Built to Protect Donor Data at Nonprofit Organizations
Gravyty Expands AI Platform to Address Human-Layer Data Security Risks
BOSTON, MA -- Gravyty, the market-defining leader of artificial intelligence (AI) for Social Good, today announced Gravyty Guard, the first data security technology focused on the human layer of security and specifically designed to protect the most sensitive donor data at nonprofit organizations from intentional and unintentional data breaches. The announcement comes in direct response to the worst year for nonprofit data security, with thousands of nonprofit organizations announcing data breaches and millions of donor data records compromised. Gravyty Guard protects nonprofit organizations and their well-intentioned employees from unintentional and malicious data breaches and provides the first solution to secure organizations’ most sensitive data.
Over the past six months, remote work has redefined how workforces access and share donor data, creating new and alarming security vulnerabilities for nonprofit organizations, particularly through well-intentioned employees who have authorized access to their organization's data. In fact, 85% of data breaches occur as a result of inadvertent actions. As data sets grow exponentially and organizations become more data-driven, these vulnerabilities are only projected to get worse. The most prominent risks now become well-intentioned employees who make mistakes with their organizations’ data.
"Nonprofit organizations find themselves in the crosshairs of being data-driven and needing to protect their most sensitive donor data. In the past, we've relied on policy to provide security assurances, but 2020 has proven that we need more, and it has to start at the most vulnerable level -- the human layer," explained Adam Martel, co-founder and CEO, Gravyty. "With Gravyty's deep understanding of the nonprofit sector and human behavior in development, we realized that we could expand our AI platform so nonprofits can address the security challenge that will define this decade, protecting against fraud and data breaches with world-class technology."
By understanding human behaviors unique to the nonprofit fundraising space, Gravyty uses advanced technologies to train models, deploy proactive alerts, and provide detailed, flexible reporting to protect employees from being the source -- maliciously or accidentally -- of the next donor data security breach. Known as human-layer security, the technologies behind Gravyty Guard proactively alert fundraisers to potential data breaches and provide steps to remediate data risks. These protections include threats such as:
Phishing, spear phishing, and other email infiltration attacks attempt to trick humans into scenarios that allow hackers to extract sensitive donor data through ransomware, trojan malware, and other methods. An estimated 135 million of these attacks are attempted every day. Historically focused on the for-profit sector, the nonprofit sector has only recently become a target for bad actors. Gravyty Guard is flexible, configuring to the specific needs of any organization to alert and protect fundraisers from these attacks.
Exfiltration happens when employees use email, text messages, messaging apps, thumb drives, cloud apps, and other vehicles to transfer data to places it should never be, without authorization. The most common data exfiltration occurs when an employee forwards a work email to their personal account. 75% of IT leaders say employees intentionally put an organization’s data at risk through exfiltration methods. Gravyty Guard allows nonprofit organizations to select compliance frameworks that apply to their business -- GDPR, CCPA, HIPAA, or otherwise -- and alerts managers when a fundraiser is about to create a vulnerability.
IT security is often highly effective at monitoring networks for abnormal traffic. However, we can’t say the same about tracking abnormalities in human behavior. More than 70% of people have mistakenly sent personally identifiable information (PII) or business-sensitive data to the wrong email recipient, creating a data breach. The source of these breaches could be as small as trusting auto-suggest to fill in an email address or a typo. Gravyty Guard uses AI to monitor security anomalies at the human-layer, alerting fundraisers when something doesn’t line up about the data within their message and the recipients to whom it’s being sent.
"The last 30 years in security have been defined by protecting networks and devices. Now, bad actors have turned their attention to new vulnerabilities -- an organization's employees," said Rich Palmer, co-founder and CTO, Gravyty. "As the leader in AI technology for the nonprofit sector, addressing human-layer security is a natural progression for Gravyty because frontline fundraisers access sensitive donor data every day. We'll empower nonprofit organizations to ensure their employees don't make mistakes that cause donor data breaches."
Gravyty Guard is available immediately in beta and will be released in full to the entire nonprofit community in early 2021. The three best ways to learn more about Gravyty Guard are to: