A Q&A with Wendy VanDeventer-Jones, National Director of Information Technology, Society of St. Vincent de Paul USA
For nonprofits, cybersecurity can feel like an afterthought. Budgets are tight, IT teams are lean, and the focus is always rightly on the mission. But phishing attacks, credential theft, and account takeovers are just as likely to target a charitable organization as a Fortune 500 company. The consequences can be devastating: disrupted services, compromised donor data, and a loss of the trust that nonprofits depend on.
Every day, the Society of St. Vincent de Paul shows up for people in need, delivering food, clothing, financial assistance, and human connection to millions of individuals across 155 countries. People rely on their services, and disruptions can be disastrous. We spoke with Wendy VanDeventer-Jones, their National Director of Information Technology, about the password security challenges they faced, the incident that made change urgent, and how LastPass helped them build a more secure foundation — without stretching an already limited budget.
Q: Can you tell us about the Society of St. Vincent de Paul and the work you do?
A: The Society of St. Vincent de Paul USA is a Catholic lay organization that leads women and men to grow spiritually by offering person-to-person service to those who are in need and suffering. We operate as part of a global network spanning 155 countries, serving millions of people every day. Our team at the National Council of the United States handles the administrative functions that keep conferences and councils across the country running smoothly.
Q: What security challenges were you facing before finding a solution?
A: Like many organizations, we were dealing with vulnerabilities that are all too common: frequent password reuse across multiple applications and team members leaving written passwords exposed in easily accessible areas. We knew these habits created real risk, but we needed a solution that people would actually use.
Q: What was the moment that made solving this a priority?
A: A team member was targeted in a phishing incident and had to update passwords across several accounts — all because they had reused the same credentials. That was the tipping point. It made the risk very real and very urgent.
Q: Why was LastPass the right fit for a nonprofit like yours?
A: As a nonprofit, we can't invest in expensive security infrastructure. We needed something that would allow users to create unique, complex passwords stored in a secure, easy-to-use environment, without breaking the budget. LastPass checked all those boxes without costly infrastructure.
Q: What's been the impact since implementing LastPass?
A: The difference has been meaningful. We've reduced the risk of account takeovers, eliminated the sticky-note problem entirely, and significantly improved our overall IT security posture. Our team can now focus on our mission — serving those in need — with greater confidence that our organization is protected.
The story of St. Vincent de Paul's security journey is one that will resonate with IT leaders across the nonprofit sector and beyond. The vulnerabilities the organization faced weren't the result of carelessness, but rather an impossible balancing act that so many teams know well: do more with less, protect everything, and never lose sight of why you're there in the first place.
What makes their approach worth paying attention to is its simplicity. They didn't overhaul their entire infrastructure or bring in an army of consultants.
Security doesn't have to be the domain of large enterprises with deep pockets. With the right tools, even the leanest teams can build meaningful defenses. For the Society of St. Vincent de Paul USA, protecting their organization is an extension of protecting the people they serve, and that's a mission worth taking seriously.
Ready to protect your organization like the Society of St. Vincent de Paul USA?
Discover how LastPass helps nonprofits and businesses of all sizes secure access without the overhead.
