
How to Create a Safe Website for Your Nonprofit

January 09, 2023
Abby Jarvis

Your nonprofit almost certainly has a website. But is it a safe website?

Website security might not seem as cool as your design or content creation, but it’s important. Whether you want site visitors to donate, sign up for your newsletter, volunteer, or learn more about your services, you almost certainly want them to do something. Your visitors will be more likely to do what you want if they feel safe on your site. 

But what makes a site visitor feel safe or unsafe? And how can you keep visitors from feeling unsafe on your site? Let’s take a look.

Ensure a Safe Website With The Proper Security Certificates

Look at the URL for this blog article. See the “https” prefix there? That stands for “Hypertext Transfer Protocol Secure,” and it means that traffic between your browser and our site is encrypted. An encrypted site has security measures in place that keep visitors’ information safe as it travels to the site, and having those security measures in place will create a better experience for your visitors.

If your site isn’t encrypted, users may see alerts from Google Chrome and other browsers that their connection is not private. To continue, they have to intentionally choose to visit a site that’s presented as unsafe, and that’s not the best way to make a good impression on your visitors.

An alert screen for an insecure website can deter your site visitors; this screenshot of a Google alert warns users that their connection is not private and encourages them to navigate "back to safety" instead of continuing to their destination.
What would you do if you landed on a website and saw this error? Would you choose to proceed to the site? Would you enter your financial information on a form? Having a safe website means, in part, that you’ll have security certificates that prevent this from happening.

Seeing those errors will almost certainly prevent visitors from landing on your site at all, let alone donating to your cause or otherwise supporting your work. People want to feel safe when they’re submitting sensitive information like their contact details and credit card numbers.

If your organization does not have security certificates in place, now’s the time to handle it. Here’s a useful guide from Google about how to set up HTTPS.

Good news for Neon Websites users: We handle your security certificates for you. You don’t need to take any additional steps to keep your donors safe! 

Add Trust Indicators to Your Donation Page

People want to feel safe on any website they visit. They especially want to feel safe when they’re giving you sensitive information, and nowhere on your site do people submit more sensitive information than on your donation form. That’s why it’s important to add trust indicators to your donation page.

The first trust indicator to add may already be built into your donation form itself. Simply adding a lock icon near the button donors click to submit a gift can have a dramatic impact on the likelihood that someone will complete their gift.

This is a small but important indicator that someone’s donation information will be kept safe. And it works! An experiment by NextAfter compared performance between two donation forms: One included no security indicators, and the other included a box that indicated the form was secure. The form with the security indicator saw a 126% lift in donations.

A safe website will also include forms that signal to donors that their information is safe. See that lock icon with the “Secure Payment” label? That’s a small design detail, but it can have a big impact on your donors’ comfort levels as they submit personal and financial information on your donation form.

If you’re using any of Neon One’s forms—whether donation forms, membership forms, storefront payments, or any other transactional form—this is already included. If you’re using a different fundraising platform, make sure you have an indicator like this featured anywhere you ask supporters to share sensitive information.

Other Trust Indicators to Include On Your Website

Your website visitors want to feel like they’re on a safe website. But they also want to know that any donation, membership, or other form of support is a safe investment, too. Remember, people choose to get involved with nonprofits because they want to make a positive difference in the world. When you signal to your site visitors that you’re a trustworthy organization, they’ll feel more comfortable supporting you.

Try including Guidestar or Charity Navigator badges on your website. You may want to do this in your footer, in a sidebar, on your About Us page, and even on your donation page. Including links to these third-party evaluations will signal to potential supporters that your organization is trustworthy, and they’ll be more comfortable getting involved. They’ll feel safe knowing they’re donating their time, money, and talents to an organization that will use them well.

PCI Compliance

When you think of a safe website, you might not think of PCI Compliance. This isn’t an overt safety feature—donors won’t necessarily know that you’re PCI compliant—but it’s still an important part of having a safe website.

If the phrase “PCI Compliance” doesn’t mean anything to you, you’re not alone—it’s a relatively niche topic unless you’re really into web security. The full term is “PCI DSS Compliance,” which is an abbreviation of “Payment Card Industry Data Security Standard.” The Standard is a set of rules and guidelines put together by all major credit card companies that ensure consumers’ financial information is kept safe. When you’re PCI compliant, it means you’re following the rules and regulations for safely processing credit and debit card transactions.

Staying in compliance with those guidelines is an absolutely critical step in creating and maintaining a safe website. You can learn more about these guidelines, why they’re important, and how to get (or stay) in compliance in our article on PCI Compliance.

A quick note for Neon One users: Your account includes access to our PCI Compliance Program at no additional cost to you. We’ll help guide you through getting and staying compliant, and you’ll also get $100,000 in protection in the unlikely event that you experience a data leak. 

Your Nonprofit Needs a Safe Website

Your nonprofit’s website is the central hub of your online presence. When people visit you online, you want them to do something, whether it’s make a donation or simply learn more about your work and the community you serve. Maintaining a safe website is an important part of creating an environment where visitors feel comfortable interacting with and supporting you.

Your site should do two things: It should keep your visitors safe, and it should give them a positive experience by making them feel safe.

There are three steps you can take to make this happen. First, get your security certificate and ensure it stays up to date. This will help users understand that their connection to your site is private and that their information is protected.

Then, make sure you have security and trust indicators on your donation form: Potential donors will be much more likely to give to your organization when they know their payment is secure and their sensitive information won’t be compromised. And, finally, make sure you’re in compliance with PCI standards. Keeping your donors’ information safe—even if they don’t immediately know your compliance status—is a critical part of maintaining a safe website.

Want to know more about how you could upgrade your nonprofit’s site? Then take our (short, simple) Website Optimization Assessment quiz to find out!

Neon Websites Helps Keep You (and Your Supporters) Safe

Building a safe website can feel overwhelming, especially if you’re not familiar with things like SSL certificates and PCI standards. Neon Websites is here to help! We handle things like security certificates, CMS updates, website backups, and other important security measures for you so you don’t have to. And, since all our systems are PCI compliant and all Neon One accounts include free access to our PCI Compliance Program, your donors’ information will be safe long after they’ve made a gift and left your site.
