NTA Monitor’s 2006 VPN Security Report found that when testing charity's IT systems, they had an above average ten risks per test, but only had six of the ten most commonly occurring flaws, all of which were either of a low or informational level of risk. Out of the sectors studied (finance, government, IT, manufacturing and utilities in addition to charities), charities proved the most successful in eliminating medium risk flaws in their systems.

Roy Hills, technical director at NTA, said: “While charitable institutions seem to be leading the way in securing their VPN connections, our findings indicate that they still need to tighten their policy on IT security housekeeping and its implementation.”