Cybersecurity threats targeting associations and nonprofit organizations continue to rise. From phishing scams to credential‑based attacks, bad actors increasingly view mission‑driven organizations as high‑value, soft‑target opportunities. In response to this growing risk, major technology leaders—including Microsoft, Google, and Amazon Web Services (AWS)—now require Multi‑Factor Authentication (MFA) for all users.
MFA is a critical layer of protection that safeguards member data, financial information, and the operational integrity of your association or nonprofit.
We strongly recommend enabling MFA in iMIS for all users accessing your iMIS system. Down the line in the product roadmap, this will become a requirement to log into iMIS. Setup is quick, but we'll still give you plenty of heads up before it becomes a requirement.
Your organization stores valuable personal and financial information. MFA adds an essential security layer that helps protect against unauthorized access and potential data exposure.
Associations and nonprofits often manage extensive collections of sensitive information—membership profiles, certifications, donations, event registrations, financial records, and more.
Yet the most common cause of data breaches remains the same: weak or stolen passwords. That's why passwords alone can't protect member data.
MFA ensures that even if a staff member’s password is compromised, unauthorized users cannot access your iMIS environment.
Attacks like phishing and credential stuffing are common in the nonprofit and association sector due to the large number of staff, volunteers, and part‑time contributors accessing systems. MFA prevents intruders from logging in, even if they have the correct username and password, by requiring a second factor, such as a mobile prompt or one‑time code.
Members, donors, staff, and boards expect responsible data stewardship. Enforcing MFA demonstrates your commitment to their privacy and strengthens confidence in your organization’s digital practices.
Are you required to demonstrate strong data protection controls? Many funders, governing bodies, and cybersecurity frameworks now expect MFA as part of standard security hygiene. Implementing MFA in iMIS is a proactive way to meet these expectations and align with industry‑recognized best practices.
Even a single security breach can disrupt member engagement, delay events, and erode trust. MFA helps ensure your systems remain available and uncompromised.
We strongly recommend enabling MFA for all users accessing your iMIS EMS site. Use our step‑by‑step guide: Enabling multi-factor authentication for staff users.
Here's what to know before enabling MFA. If you need assistance, please submit a support ticket.
MFA is a security feature that requires two forms of authentication when logging into an account. For example, you enter your password and then are prompted to enter a code from your mobile device. The multi-step process is a way to ensure that it's really you trying to log in.
Don’t wait; secure your organization today. Implementing MFA now helps ensure that your iMIS EMS environment remains secure, compliant, and trusted.