Nonprofits are expected to do more with less, and that pressure extends to their technology. Tight budgets, growing demands, and sensitive donor and client data create a tough balancing act. The good news? You don’t have to choose between affordability and security. From IT grants to donated tools, there are powerful resources designed specifically to help nonprofits build reliable, secure systems without stretching their budgets.
In this article, we’ll break down where to find that support and how to use it to strengthen IT for nonprofits with your cybersecurity from day one.
Finding and Utilizing Nonprofit IT Grants and Discounts
Many nonprofits aren’t aware of the plethora of tech grants and free/discount programs out there. A great starting point is TechSoup, which partners with big tech companies to provide software and hardware to nonprofits at little or no cost. Through TechSoup, eligible 501(c)(3)s can get, for example, donated Microsoft 365 licenses, discounted Adobe Creative Cloud, Intuit QuickBooks, Cisco networking equipment, and more. It’s one of the most well-known sources for nonprofit tech assistance. Another is the Nonprofit Technology Enterprise Network (NTEN), which sometimes offers funding or training programs.
Major corporations have grant programs available as well. Microsoft has an annual donation of $3500 in Azure credits for cloud services for nonprofits, Google offers the Google Ad Grants (up to $10K/month in free Google Ads) and free G Suite (now Google Workspace) for nonprofits, and Amazon Web Services (AWS) has credits for nonprofits via their Imagine Grant and through TechSoup.
Nonprofits can also check out local grants. For example, for Denver-based foundations the Colorado Nonprofit Development Center might have capacity-building grants that include IT purchases. Nationally, the Trevor Foundation or Dell’s Powering the Possible grants sometimes support technology initiatives in nonprofits. The key is to identify your needs (new laptops, better Wi-Fi, a CRM system) and then seek out these targeted programs.
Example of How to Properly Utilize Grants
If your nonprofit needs to upgrade all its old Windows 8 PCs for security, rather than buying new retail copies of Windows 10/11 and Office, you could request donated licenses via TechSoup (Microsoft Nonprofit program). Microsoft offers Windows OS upgrades and Office 365 for free or nearly free to nonprofits meeting criteria.
One blog notes that “Microsoft offers discounted and donated software and services to nonprofit organizations”– indeed, most cloud services they provide to businesses have an equivalent nonprofit offer (often free for the first 10 users, and heavily discounted after).
Likewise, if you need network equipment, Cisco’s donation program through TechSoup can get you enterprise-grade Meraki gear for a fraction of cost. I’ve seen small charities get $20K worth of Cisco hardware for a $500 admin fee via this route.
“Do More With Less” via Cloud and Shared Services
Embracing cloud services can also cut costs and management overhead – many nonprofits qualify for free cloud solutions. For instance, as of 2025, Google offers free basic Workspace accounts for nonprofits (with Gmail, Drive, Meet, etc.), which can save thousands compared to paid business plans.
Microsoft 365 Business Premium is free for up to 10 users for nonprofits (and $5/user for additional), which includes Office apps, email hosting, OneDrive, Teams, and advanced security features. That’s huge because you get an integrated platform with security tools (like Intune, Azure AD Premium for MFA, etc.) essentially donated.
Use these services rather than paying for on-premise servers or random software – they not only save money but come with built-in security and reliability that small orgs often can’t afford otherwise. For example, hosting your donor database on a donated Salesforce Nonprofit Cloud (Salesforce gives 10 free licenses to nonprofits) is likely safer and more functional than an old Access database on an aging PC.
Another angle: collaboration with partners. Sometimes nonprofits can piggyback on larger institutions for IT resources. A nonprofit housed in a university building, for instance, might be able to use the university’s internet backbone or security services. Always explore, sometimes a city program might offer free cybersecurity assessments to local nonprofits or free web hosting.
Strengthening Security on a Tight Budget
Nonprofits are unfortunately targets for cybercriminals – they often hold personal data (of donors, beneficiaries, employees) and may not have strong defenses. A report indicated that 27% of nonprofits have experienced a cyberattack, and nearly one in three already faced reality of threats. Another stat: 35% of nonprofit leaders feel unprepared for cybersecurity challenges. This is where “do more with less” also applies to security: you must be strategic and use low-cost or donated solutions to protect yourself.
Firstly, those donated cloud services I mentioned come with baked-in security features. For example, Microsoft 365 Nonprofit comes with advanced security like Office ATP (anti-phishing, anti-malware) and MFA capabilities at no extra cost. Turn those on! Google Workspace includes their robust spam filtering and optionally advanced endpoint management – use it. Essentially, leverage the security R&D of these big companies by using their platforms instead of trying to secure an aging local server with no IT staff.
Next, use free security tools where possible. Many vendors offer free cybersecurity services to nonprofits as part of their philanthropy. Cloudflare, for instance, has the Project Galileo which offers free enterprise-grade website protection (DDoS mitigation, web app firewall, etc.) to vulnerable nonprofits like human rights orgs. Cisco offers free security assessments or discounted security products via the Cisco Secure grant. Some MSPs (managed service providers) might give discounted rates or pro bono hours to nonprofits (for example, our own Cinch IT Denver is known for adjust pricing for a good cause, and we definitely help identify free solutions).
More Than Just your Technology
The BrightDefend/BrightDefense report noted human factors are the biggest issue – meaning security awareness is key. There are free training resources specifically for nonprofits (like TechSoup’s security training materials, or the FTC’s cybersecurity for small business guide which is freely usable).
Nonprofits can host a free “lunch and learn” using these materials to educate staff about phishing and safe practices, if they can’t afford formal training programs. Some local universities or Cybersecurity students might volunteer to help with training or risk assessments as part of a class project or internship – that’s a creative way to get a risk check for little to no cost.
Why IT for Nonprofits is Nonnegotiable
Nonprofits often maintain donor lists with personal info and giving history, or sensitive client info if it’s a service org. Losing that could not only break trust but also run afoul of privacy laws (think: if you handle health info but aren’t strictly a “covered entity,” you still might have obligations under state law to protect it).
By using donor management systems that are cloud-based and reputable (like Salesforce NPSP, Little Green Light, Bloomerang – many offer discounts), you inherently get better security than a random Excel file on someone’s laptop. One stat: 32% of nonprofits lack a clear website security plan, which is an issue especially if you do online fundraising.
If you have a donation website, ensure it’s HTTPS (use free Let’s Encrypt certificates), and preferably use a well-known platform for donations (like Network for Good, or PayPal Donate) rather than a self-coded form that could be insecure.
Payment processors often have built-in compliance. For example, using Stripe or PayPal means they handle the PCI compliance heavy-lifting, whereas if you tried to collect credit cards directly, you’d have to spend more on security.
Grants Specifically for Security or IT Capacity
While there might not be a lot, there are some! For example, the CyberGrants for Humanitarian organizations or NetHope’s fundings. Nethope’s 2025 Cybersecurity Report identifies capacity gaps and sometimes leads to grant opportunities. I recall that last year, Google’s philanthropic arm gave grants to some non-profits to improve their cybersecurity.
The easiest thing nonprofits can do though is check with community foundations; because maybe they have a capacity-building grant category that can include tech upgrades (like Denver Foundation or Community First Foundation might consider a grant for “infrastructure” that includes IT improvements). The trick is framing it in your grant applications: emphasize how better IT and security will enable you to reach more people or protect sensitive client data (which, if compromised, could harm your beneficiaries – funders do care about that).
Internal Best Practices
Good cyber hygiene can be low-cost, but it’s takes some effort and discipline. Even without grants implement these no-cost practices:
- Enforce strong passwords – doesn’t cost money to set a policy.
- Enable MFA on all accounts possible – many services allow app-based MFA for free.
- Use programs such as Bitdefender or Avast free antivirus on PCs if you truly can’t afford something better – though note, TechSoup also offers discounted Symantec and others.
- Keep all software updated – enable auto-updates, it’s free!
- Enable auto-backups to OneDrive/Google Drive for critical files rather than leaving them only on local machines – the cloud copies could save you if that PC dies or is stolen.
Leveraging Volunteers and Skilled Board Members
Perhaps there’s a tech professional on your board or among your volunteer pool. Don’t shy away from asking for their help to identify grants or implement security measures. Many IT pros are happy to volunteer a few hours to set up something like MFA or a backup script for a nonprofit they care about. And some donors might be willing to fund specific needs – maybe a donor would sponsor a new laptop purchase if asked directly. Have an “IT wish list” available.
Measure Twice, Cut Once
When you do get grants or new tech, deploy them with security in mind from the outset. It’s harder to bolt on security later. For example, if a grant gets you new laptops, configure them with encryption and management right away (the grant might even cover an IT consultant to do it properly – write that into budgets).
If you upgrade your network via a grant, install a proper firewall that has security features like intrusion prevention (some enterprise ones are available donated, as mentioned). One key stat: 35% of nonprofit managers say they don’t understand key cybersecurity risks – so part of doing more with less is educating leadership. That way, when budgeting and applying for grants, security isn’t an afterthought; it’s part of the plan and narrative (“We need these resources to protect our data so we can continue serving our community without disruption”).
Summary
Nonprofits truly can have it both ways – access to modern IT through grants and donations, and strong security by using those enterprise-grade donated tools effectively. The combination lets you amplify your mission safely. Cinch I.T. Denver is familiar with these programs (we routinely guide our nonprofit clients to TechSoup and similar, to stretch their dollars) and we often assist in implementing solutions from grants – think of it as turning grant money into actual tech outcomes with security in mind.
Nonprofits may have to do more with less, but with a smart strategy, “less” can be enough to achieve more than you thought possible. And as a final motivator: donors and grantmakers are starting to ask about cybersecurity readiness (some grant apps even include questions about how you protect beneficiary data). Showing that you’ve leveraged every free/low-cost resource and implemented best practices demonstrates you’re a good steward of funds and data – which can set you apart in the grant race, too.
____________________________________________________________________________
Sources
- Tardigrade Technology (Nonprofit cybersecurity stats) – “27% of nonprofits have already experienced at least one cyber attack. Nearly 1 in 3 nonprofits have faced cyber threats, often because of limited security infrastructure and valuable data like financial records and donor info.”
- TechSoup (Grant list blog) – “Microsoft Nonprofit IT Grants: Microsoft offers discounted and donated software and services to nonprofit organizations… Must hold a recognized charitable status… No Deadline (ongoing program).”
- BDO (Cybersecurity for Nonprofits) – “Nonprofits experienced a 30% year-over-year increase in weekly cyberattacks in 2024. Many nonprofits have moderate adoption of basic cybersecurity controls – e.g., 61% use MFA for email, but gaps remain. This alarming trend underscores the need for improved security measures even amid tight budgets.”
____________________________________________________________________________
About the Author
Niko Zivanovich is a Cybersecurity Leader with experience in helping organizations understand and achieve a more complete security posture. He is a co-owner of Cinch IT of Denver and has been working at Pellera Technology Solutions for 6 years, most recently as the Director of Cyber Defense and Threat Intelligence. Niko specializes in CISO advising, netsec ops, incident response, pen testing, and threat intelligence research. He holds multiple certifications through the SANS GIAC organization and is a Board Director for the InfraGard Colorado and Wyoming Chapter.
Enjoyed the Do More With Less: IT Grants + Security Strategies for Nonprofits article? If so then head over to our Blogs for more top tech tips.
Or follow our LinkedIn page for weekly tech tips, industry insights, and practical cybersecurity guidance for SMBs.
_______________________________________________________
About Cinch I.T.
Founded on the belief that I.T. support should be easy, Cinch I.T. has grown into one of the nation’s fastest-growing managed service providers. Our franchise model blends centralized expertise with local ownership, giving clients the best of both worlds. Our team is committed to being more than just a service provider, we’re your dedicated partner in achieving operational efficiency and peace of mind. With our fast, friendly, and transparent approach, you’ll always know where you stand and you always know you will have wi-fi security.
Discover how Cinch IT can support your success through smarter, more secure technology solutions. Contact us today!
Cinch IT Denver not your nearest location? View our nationwide Cinch I.T. offices:
