Free and Discounted Security Software for Charities

By now, many of you will already know about the great work that is done on the behalf of charities across the UK via Charity Digital (Formerly Tech Trust and CTX). They provide big name software applications and some hardware at a massively reduced rate, only charging a small admin fee to maintain their service. From this platform you can avail of access to Microsoft’s 365 cloud office platform and it’s many security features built-in and available as non-profit reduced rate add-ons, I will go into further detail below. Symantec desktop and server applications for Backup and Anti-Virus as well as other big names such as Avast and Bitdefender or Veritas for Disk Image recovery. There are a host of other platforms which would all assist in the business continuity plan for your organisation making use of various cloud platforms for HR management, Graphic design, storage and much more.

The list doesn’t end there though, if you dig a little deeper elsewhere there is a much greater list of services and discounts available for important and valuable enterprise-level tools that could greatly assist your organisation becoming Cyber Resilient. If you require a service or application, always contact them in advance to request any kind of applicable discount, providing you meet their criteria and can provide evidence (Usually a letter from HMRC to show charitable status).

Vulnerability Assessment Tools (MBSA Alternatives)
Since the free MBSA tool was discontinued this year (2019) other tools are available which carry out similar tasks, although not all as the MBSA tool looked for Microsoft-specific configuration issues which are now put down to having a good practice in the workplace (Password policies, group policy configuration. Restricted local admin access etc) Most of these will require a dedicated machine, server or VM to be able to operate internally. Their scanning can be quite processor intensive so spec accordingly. Some of these alternatives are:

Nessus Pro (Free for eligible non-profits)
Tenable offer a full professional-level licence worth over £2500. Nessus is a vulnerability scanning tool which can actively or passively monitor your network for security vulnerabilities and is kept up-to-date with the latest application signatures. This is a vital tool to assist your organisation in assessing it’s vulnerability standpoint and actively resolving any security flaws in software or hardware firmware. This is one of the tools used by security professionals when auditing your network for Cyber Essentials Plus.
OpenVAS (Free)
Retina Community Scanner (Free)
Nexpose Community (1 Year Trial)

Microsoft 365 Non-Profit Programme
Microsoft offer a vast list of services all under the one name, some of these may have to be located as they will not present themselves easily. Others must be manually setup and configured to be properly used. I have tried to list these and which may require more effort below:

• Microsoft 365 E1 (Up to 50 users)
  (Includes Online office packages, OneDrive (1TB per user), Exchange, Skype, Work Management tools such as Sharepoint and Microsoft Teams, Compliance solutions to help with GDPR and Data management, Auditing, archiving, eDiscovery)
• Active Directory Premium P1 – On by default
• Enterprise Mobility & Security E3 (Up to 50 Users) – Assign licence and features enable
  - Identity & Access Security – some config required
  - InTune Mobile Device Management – some config required
  - Data Classification & Document Management (& Encryption) – much config required
  - Advanced Threat Analytics – on-prem machine required & config
  - Cloud App Security – some config required
  - Advanced Threat Protection – some enabled by default via exchange
• Full Web Support
• 99.9% Uptime
• World-class data security (Held at the same levels as the US military in local datacentres)
• $3500 p/year Microsoft Azure Credit – Needs full config for any feature

The Azure credit can be used to host an online virtual machine, sql database, vpn network, or off-site server backup solution

Amazon AWS Non-Profit Credit via Charity Digital supply $2000 of credit for the admin fee of £148+vat. This opens up the possibility of using Amazon’s Enterprise level features and solutions for online databases, AWS EC2 Virtual Computing power, Storage or database. Powerful tools waiting to be leveraged by your organisation!

Google G-Suite Much like the Microsoft 365, this cloud platform is second to none for the security-level of its mail suite along with the cloud storage facility and collaborative workspaces, it also opens up access to the Google Adwords platform giving you the equivalent of $120,000 credit per year!

CRM (Customer Relationship Management) / Database / Fundraising Applications for charities

• Beacon CRM (Starts at £20 per user per month)
• Harlequin CRM (Enquire for pricing)
• Donorfy (Prices start at £89 per month. Free version with limited functionality for up to 500 contacts.)
• LampLight (Price varies on needs)
• Donorflex (Price varies on needs)
• CiviCRM (Depends on hosting)
• eTapestry (Prices start at $119 p/month)
• Donor Perfect (Prices start at $89 p/month)
• Bloomerang (Prices start at $99 p/month)
• WhiteFuse (Prices start at £65 p/month)
• Salesforce (From Free)
• Dynamics365 (Prices start at £1.50 p/user p/month)

Salesforce Offers up to 10 free licences for eligible non-profits allowing a leading CRM package to be used by any size of a charity via the ‘Power of Us’ Program. Salesforce is relatively easy to customise for your needs and meets many criteria for a having a proper data management system within your organisation.

Website Builders

Not exactly security-related as such, but you may need to start from scratch to get an online presence for your organisation and don’t want to pay a web designer thousands of pounds to get a flashy website. Try any one of these low-cost web builders where you can pick a template and quickly get a DIY website up and running in no time with minimal expertise!
Wix.com
One.com
btck.co.uk (BT Community Web Kit)
Wordpress.com (A good 5-minute guide for charities can be found here)
Squarespace.com
GoDaddy.com (Contact [email protected] for info on discounts)
Weebly.com

Other Software / Services

MalwareBytes – Antimalware software (Contact sales dept to request a non-profit discount)

Shopify Non-Profit Discount on subscriptions: Shopify is an enterprise-level online e-commerce system. They offer a non-profit discount available on certain plans. (The NPO Lite plan is $9 per month, The NPO Lite plan(plus the online store but no POS) is $29 per month, The NPO Full plan with free channels (no online shop) is $79 per month, NPO Full plan (with free channels and online shop including retail) is $99 per month.)

XERO Accounting Software 25% Subscription discount for eligible non-profits. Again not strictly security related but where and how you hold your accounting and payroll data can be very important!

Mailchimp Offer non-profit discounts (Currently 15%). It is always advisable to use a 3rd party bulk mailer to send your newsletters or mailing to large numbers. If you send bulk mail from your own accounts or on-premise exchange server you risk being blacklisted or blocked by some of your recipients. Configure your SPF, DKIM and DMARC settings to allow the third party senders to send as your domain and you cover all bases for a safe delivery of email!

Slack! Free / 85% Discount on subscription rates. Slack is an online collaborative or Team working environment allowing members to plan and contribute to project tasks with file sharing and video calling integrated.

Trello An alternative to Slack, as above.

This list is not exhaustive at all. If you are aware of any others which should be here, please do let me know!

If you wish to discuss implementing any of these or more information on sourcing,

please get in touch at [email protected]