NGOs and Data Security: The Pros & Cons of Using Social Media as your Primary Web Presence

Written by Paul Diaz, VP of Policy, Public Interest Registry

This post is part of a Public Interest Registry series called “NGOs and Data Security” aimed at providing educational insights to noncommercial internet users around different data and information security themes.    

Using social media as your primary online resource can be appealing for NGOs – accounts are easy to obtain and usually free. Compared to building a website, the initial steps to establish a web presence through social media channels are simple and require less expertise. But there are also significant drawbacks, particularly when it comes to security and data management. It’s important to understand and differentiate the value both social media and a dedicated website can bring to your organization, so you can decide which is best for you.

The Pros of Leveraging Social Media as Your Primary Online Presence

Social media can be a powerful connector. Social media really is a robust and powerful tool to generate awareness. It allows your organization to capitalize on the millions of people who are looking to make connections with other people, brands and causes that align with their interests. Through information and images posted in real time, social media can also provide a glimpse into your organization’s personality, adding a bit of color to the (hopefully) well-crafted messaging that may already live on your website.

Direct engagement with your audience can help you reach your goals. Social media enables direct two-way communication with constituents and donors, whereas websites typically speak at visitors rather than with them. Social media also allows you to initiate communication, rather than waiting for a constituent or donor to initiate contact after viewing information on your website. The ability to communicate directly – and with tailored, personalized information – can help jumpstart the journey from awareness to your desired action.

The Cons of Depending on Social Media Online

As we discussed in our September post about your data and data protection, digital and social tools certainly make our lives easier, but there are also important privacy, security and data management concerns that need to be considered.

Data management and security is out of your hands on social media. When you engage with a third-party social media vendor, you’re often giving them access to data. That includes both internal data reflective of your organization and data that is collected from external sources. This data could include images of your staff or constituents that you post on Facebook, or personal contact and financial information.

It’s important to remember that your organization has a responsibility to ensure that it is in compliance with laws and regulations around the world that govern the collection, storage, and use of personal data. When you grant access to a third-party social media site, you lose some control in this regard.

Security of financial transactions on some social media platforms can be tricky. We’ve established the benefits of two-way communication via social media, but when the ultimate goal of that interaction is securing financial support, social channels leave much to be desired. Would you provide your credit card number in a direct message on Twitter? Probably not. Even Facebook’s Charitable Giving Tools – which allow nonprofit organizations to collect funds through “donate buttons” at both the page and post level – have drawbacks. While this channel offers a way to capitalize on a potential donor’s immediate interest in providing support, especially as there are no fees associated with donation activity to nonprofits, your organization’s financial and bank account details will be stored by Facebook Payments and payouts are only made once a minimum of $100, €100 or £100 is reached in your portfolio. If you do not want to register your financial information through Facebook Payments, a check will be distributed (once the minimum is reached) from Network for Good, a donor advised fund that you may need to register with and Facebook’s partner to distribute funds collected from the donation button. Keep in mind, too, that the donation button is only available to organizations based in the U.S. and select European countries. To be successful, you will also be relying on your constituents’ trust of Facebook to provide their financial information.

On the other hand, a website with a Secure Socket Layer (SSL) Certificate (a URL beginning with “https”) provides a safe and secure channel for your donors to make financial contributions without the drawbacks you’ll find with social media. An SSL website not only offers an extra layer of encryption to protect data from hackers and identity thieves, but a trusted way to share personal data, like credit card numbers and addresses, without too many players involved. This applies to mobile versions of websites as well. You’ll also remain in more control of fund distribution.

Social media channels lack the inherent trust that a well-renowned domain extension offers. One of the greatest advantages of a website is the ability to align with a trusted domain extension that can help you reach these passionate, cause-focused individuals. Year after year, reports show that the .org domain, for example, is trusted as the place where organizations, companies and individuals can come together around a shared interest or passion, and to make a difference in the world through cause-based efforts. This awareness, and most importantly trust, that a website domain can extend to your brand is just not available through social media channels.

A Blended Approach Works Best

The decision between a website or social media doesn’t have to be all or nothing. Upon evaluating the pros and cons of using social media as your primary web presence, it’s easy to see that a blended approach is best.

One particular benefit of a blended approach is that it can help safeguard your organization from being left in the dark in the case of a cyberattack. Distributed denial-of-service (DDoS) attacks are a type of attack aimed at taking a website offline by overwhelming it with internet queries. Public Interest Registry works very hard to secure the .org domain against this and other types of cyberattacks, but the reality is that these attacks do occur. The “silence” that can be caused by this type of cyberattack can be mitigated through having alternate online communications channels via a website and social media.

Another benefit of a blended approach is the ability to provide a custom communications experience for constituents. Social media can help you identify potential people to engage with and help you get their attention with targeted communications. Once engaged, you can provide more tailored information by directing them to a specific page on your website, or send them directly to a sign-up form or donation page.

Ultimately, having a website as well as a social media presence makes the most sense when it comes to reaching potential supporters, engaging with constituents and working to protect donor information.