Monthly Archives: August 2009

Evaluating Wikis

This post originally appeared on the Idealware Blog in August of 2009.

I’m following up on my post suggesting that Wikis should be grabbing a portion of the market from word processors. Wikis are convenient collaborative editing platforms that remove a lot of the legacy awkwardness that traditional editing software brings to writing for the web.  Gone are useless print formatting functions like pagination and margins; huge file sizes; and the need to email around multiple versions of the same document.

There are a lot of use cases for Wikis:

  • We can all thank Wikipedia for bringing the excellent crowd-sourced knowledgebase functionality to broad attention.  Closer to home we can see great use of this at the We Are Media Wiki, where NTEN and friends share best practices around social media and nonprofits.
  • Collaborative authoring is another natural use, illustrated beautifully by the Floss Manuals project.
  • Project Management and Development are regularly handled by Wikis, such as the Fedora Project
  • Wikis make great directories for other media, such as Project Gutenburg‘s catalogue of free E-Books.
  • A growing trend is use of a Wiki as a company Intranet.

Almost any popular Wiki software will support the basic functionality of providing user-editable web pages with some formatting capability and a method (such as “CamelCase“) to signify text that should be a link.  But Wikis have been exploding with additional functionality that ramps up their suitability for all sorts of tasks:

  • The Floss Manuals team wrote extensions for the Open Source TWiki platform that track who is working on which section of a book and send out updates.
  • TWiki, along with Confluence, SocialText and other platforms, include (either natively or via an optional plugin) tabular data — spreadsheet like pages for tracking lists and numeric information. This can really beef up the value of a Wiki as an Intranet or Project Management application.
  • TWiki and others include built-in form generators, allowing you to better track information and interact with Wiki users.
  • And, of course, the more advanced Wikis are building in social networking features.  Most Wikis support RSS, allowing you to subscribe to page revisions. But newer platforms are adding status updates and Twitter-like functionality.
  • Before choosing a Wiki platform, ask yourself some key questions:
  • Do you need granular security? Advanced Wikis have full-blown user and group-based security and authentication features, much like a standard CMS.
  • Should the data be stored in a database? It might be useful or even critical for integration with other systems.
  • Does it belong on a local server, or in the cloud? There are plenty of great hosted Wikis, like PBWorks (formerly PBWiki) and WikiSpaces, in addition to all of the Wikis that you can download and install on your own Server.  There are even personal Wikis like TiddlyWiki and ZuluPad.  I use a Wiki on my Android phone called WikiNotes for my note-keeping.

Are you already using a Wiki?  You might be. Google Docs, with it’s revision history feature, may look more like a Word processor, but it’s a Wiki at heart.

The Environmental Legacy of Woodstock

This post was originally published on the Earthjustice Blog in August of 2009.

Much is spoken about the legacy of Woodstock, the concert that defined a musical era, now celebrating a 40-year reunion. I came across this fascinating slideshow onTreehugger’s website, discussing the post-Woodstock environmental activities of some of the famous rock and folk musicians that performed there. While some might be skeptical as to how great a conference Woodstock was, discovering this 40-year history of environmental stewardship that followed speaks to the historic importance of the event.

The slideshow notes some fascinating environmental pursuits of classic 60’s artists. Here are some additional links and details on the musicians featured and their earth-friendly activities:

Joan Baez joined Julia Butterfly Hill in tree-sitting protests in support of community gardening.

Neil Young is a strong advocate for alternative fuels, who has not only re-invented his classic Lincoln Continental as an electric/biodiesel hybrid, but has also recorded a whole album about the subject.

The Grateful Dead joined Greenpeace in 1988 to save the rainforests. They were instrumental in founding the Slide Ranch, a teaching organic farm in Marin, County CA that introduces kids to the benefits of growing healthy foods.

Carlos Santana has incorporated solar panels into his business office and home. Like Young, he preaches what he practices, too.

Richie Havens has made teaching urban children about the environment a life’s cause, first with the Northwind Undersea Institute (now closed), a museum devoted to environmental information, and more recently with the Natural Guard.

Arlo Guthrie works with fellow folk legend Pete Seeger’s Hudson Sloop Clearwater, a nonprofit dedicated to preserving the Hudson River. Guthrie also has a foundation that protects indigenous cultures from threats related to globalization.

Celebrating good music in healthy, open spaces is a legacy that we should leave for future rock fans. It’s nice to see that many of our greatest rock legends get that.

Word or Wiki?

This post was originally published on the Idealware Blog in August of 2009.

An award-winning friend of mine at NTEN referred me to this article, by Jeremy Reimer, suggesting that Word, the ubiquitous Microsoft text manipulation application, has gone the way of the dinosaur.  The “boil it down” quote:

“Word was designed in a different era, for a very specific purpose. We don’t work that way anymore.”

Reimer’s primary reasoning is that Word was originally developed as a tool that prepares text for printing. Since we now do far more sharing online than by paper, formatting is less important. He also points out that Word files are unwieldy in size, due to the need to support so many advanced but not widely used features. He correctly points out that wikis save every edit, allowing for easy recovery and collaboration. Word’s difficult to read and use Track Changes feature is the closest equivalent

Now, I might have a reputation here as a Microsoft basher, but, the truth is, Word holds a treasured spot on my Mac’s Dock. Attempts to unseat it by Apple’s Pages, Google Docs and Open Office have been short-lived and fruitless. But Reimer’s absolutely right — I use Word far more for compatibility’s sake than the feature set.  There are times – particularly when I’m working on an article with an editor – that the granular Track Changes readout fits the bill better than a wiki’s revision history, because I’m interested in seeing every small grammatical correction.  And there are other times when the templates and automation bring specific convenience to a task, such as when I’m doing a formal memo or printing letterhead at work.  But, for the bulk of writing that I do now, which is intended for sharing on the web, Wikis put Word to shame.

The biggest problem with Word (and its ilk) is that documents can only be jointly edited when that’s facilitated by desktop sharing tools, such as GoToMeeting or ReadyTalk, and now Skype. In most cases, collaboration with Word docs involves multiple copies of the same document being edited concurrently by different people on different computers.  This creates logistical problems when it comes time to merge edits.  It also results in multiple copies of the revised documents on multiple computers and in assorted email inboxes. And, don’t forget that Track Changes use results in larger documents that are more easily corrupted.

A wiki document is just a web page on a server that anyone who is authorized to do so can modify.  Multiple people can edit a wiki concurrently, or they can edit on their own schedules.  The better wiki platforms handle editing conflicts gracefully. Every revision is saved, allowing for an easy review of all changes.  Earlier versions are simple to revert back to.  This doesn’t have to be cloud computing — the wiki can live on a network server, just as most Word documents do.

But it’s more than just the collaborative edge.  Wikis are casual and easy.  Find the page, click “edit”, go to work.  Pagination isn’t an issue. Everything that you can do is usually in a toolbar above the text, and that’s everything that you’d want to do as well.

So when the goal is meeting notes, agendas, documentation, project planning or brainstorming, a wiki might be a far simpler way to meet the need than emailing a Word document around. Word can be dusted off for the printed reports and serious writing projects. In the information age, it appears that the wiki is mightier than the Word.

Next week I’ll follow up with more talk about wikis and how they can meet organizational needs.

Pop Quiz: PCI Compliance

This post was first published on the Idealware Blog in August of 2009.

The credit card industry is doing the right thing by consumers and enforcing proper security measures regarding the handling of credit card information.  You might have heard about this – a number of the popular vendors of donor databases are recommending upgrades based on their compliance with these regulations. The “Payment Card Industry Data Security Standard”, commonly known as PCIDSS, is a set of guidelines for securely handling credit card information.  The standard has been around for about four years, but early enforcement efforts focused on companies with a high volume of credit card transactions.  Now that they’re all in compliance, they’ve set their sites on smaller businesses and nonprofits. So, what does this mean? Here’s the simplest F.A.Q. that you’re likely to find on the topic:

  • Do you ever process online, phoned in, or mailed-in credit card donations in-house? e.g., do you maintain the credit card number, expiration date and name of a donor?

If no, you don’t have to worry about this.

  • If yes, do you have more than 20,000 such transactions annually?

Well, if you do, congratulations!  Most nonprofits don’t, so they qualify for level 4 of the PCI Compliance scale. That results in a Self Assessment Questionnaire (SAQ) Validation type of “4”.  Higher validation types are subject to stricter security standards.

The Self-Assessment Questionnaire will ask you all sorts of technical questions about your network and security procedures.  Do you have a firewall?  Are all of your transactions encrypted?  Do you use anti-virus software?  Is credit card information properly restricted to authorized staff?

Depending on your network, you might already comply with a lot of the requirements.  If you don’t, then it might require a significant investment to get there.

  • What will happen if I ignore this?

This isn’t government regulation (although your state might have laws in place that do mandate some similar response). Participation is not mandatory.  But, should your security be breached, two things will happen:

  1. The compliance requirements for your organization will be reassessed to level one or two, and they’ll be much more costly and complicated to meet.  The credit card companies might decline to do business with you if you don’t comply.  Can you afford to not take Visa?
  2. You will likely be indirectly fined for non-compliance.  The credit card companies will hold your bank liable for losses due to credit card theft in situations where your security was substandard.  Your bank will likely pass that fine on to you.
  • So what’s the easiest way to deal with this?

Simple: don’t handle credit cards.  There are a number of services that, for a price, will do this for you, from Paypal and Google Checkout to CharityWeb and Blackbaud’s BBNow. Outsourced ECRM software (NetCommunity, Convio, Democracy in Action, etc.) will also handle it. The cost is likely not as significant as that of maintaining compliance or suffering the consequences of a non-compliant breach.

I’ll share that, at the Goodwill where I used to work, outsourcing wasn’t an option, because we were both a charity and a retailer. Our frustration was not that we didn’t have good security in place.  It was that there were differences in how we had set up our security and the PCIDSS requirements.  So, while we had done a lot of work and made significant investments, we still had to reconfigure things and spend more in order to be compliant.  In addition to making our internal IT changes, we had to switch software programs in order to avoid storing credit cards unencrypted in our database, a typical problem.  We also engaged a consultant.  Once you are reasonably sure that you comply, then you must pay a security service to verify your efforts, another non-trivial expense.

Blackbaud has put together some good further reading on this topic (and they are one of the vendor’s whose latest software is compliant; ask your eCRM vendor!).

My Full NPTech Dance Card

Congress can take a vote and change the time that the sun goes down.  So why can’t they give me the 10 additional hours in each day that I keep lobbying for?

In addition to my fulfilling work at Earthjustice and the quality time at home with my lovely wife and Lego-obsessed 10 year old, here are some of the things that are keeping me busy that might interest you as well:

  • Blogging weekly at Idealware, as usual. This is one of those rare entries that shows up here at Techcafeteria, but not there.  And I’m joined at Idealware by a great group of fellow bloggers, so, if you only read me here, you might get more out of reading me there.
  • I recently joined the GreenIT Consortium, a group of nonprofit professionals committed to spreading environmental technology practices throughout our sector.  I blog about this topic at Earthjustice.  Planned (but no dates set) is a webinar on Server Virtualization; technology that can reduce electrical use dramatically while making networks more manageable.  This will be similar to the session I did at the Nonprofit Technology Conference in April, and I’ll be joined again by Matt Eshleman of CITIDC. I’m also helping Ann Yoders, a consultant at Informatics Studio, with an article on green technology for Idealware.
  • On September 9th, I’ll be recording another episode of Blackbaud‘s Baudcast with other friends, including Holly Ross of NTEN. The topic this time is technology management, a subject I don’t ever shut up about.
  • Saving the big ones for last, NTEN’s first Online Conference is themed around the book, Managing Technology To Meet Your Mission. This one takes place September 16th and 17th, and I’ll be leading the discussion on my chapter: How to Decide: Planning and Prioritizing.
  • In early 2010, Aspiration will bring my pitch to life when we hold a two day conference that is truly on nonprofit technology, geared towards those of us who manage and support it. I’ve been known to rant about the fact that the big nptech shindigs — NTEN’s NTC and Techsoup’s Netsquared — focus heavily on social media and web technologies, with few sessions geared toward the day to day work that most nptechs are immersed in.  The goal of the event is to not only share knowledge, but also to build the community.  With so many nptech staff bred in the “accidental” vein, we think that fostering mentoring and community for this crowd is a no-brainer.
  • Further out, at the 2010 Nonprofit Technology Conference, I’ll be putting together a similar tech-focused sub-track.  Since the Aspiration event will be local (in the SF Bay), this will be a chance to take what we learn and make it global.
  • My nptech friends will forgive me for declaring my extra-curricular dance card otherwise closed — this is enough work to drop on top of my full-time commitments!

Compensating for Chaos

This post originally appeared on the Idealware Blog in July of 2009.

In 2000, after spending 15 years at corporate law firms, I made a personal choice to start working for organizations that promote social good by reducing poverty and protecting our planet. I understood that this career move would put some serious brakes on what was a fairly spiraling rise in compensation – my salary tripled from 1993 to 2000. And that was fine, because, as I see it, the privilege of being compensated for doing meaningful work is compensation in it’s own right.

We all know that we make less in this industry than we might in the commercial world, and we’re all pretty okay with that.  But how much, or how little, the discrepancy between “real world” and nonprofit salaries should be is a metric with little established thought behind it.  We don’t base our pay scales on any rationale other than what we determine others are paying and what we can afford. My concern is that, by not taking a strategic, reasoned approach to compensation, nonprofits are incurring far more unnecessary expense than they might, particularly when it comes to technology support, although these thoughts apply across the org chart.

The problem is that, when it comes to determining the market value of a nonprofit employee, we often go to nonprofit salary surveys, such as the one put out by NTEN and the Nonprofit times. But job seekers don’t read those surveys.  In San Francisco or New York, a good System Administrator can make $70-80k a year at a for-profit.  Even if they come in to your org understanding that they aren’t going to be offered the market pay ($75k), they have an expectation that they’ll either be on the low end of it ($70k), or within 10% of it ($67.5k).  The recent NTEN Staffing Survey puts the average nonprofit Sysadmin salary at $52k, which is about 75% of that market. So, given this scenario, here are my questions:

  • How many excellent candidates are eliminated from consideration because they can’t afford to take a 25% pay cut?
  • Of the ones who can afford that pay, how many can afford it because they aren’t qualified for the work required?
  • How many can afford it because they have other primary income sources, and therefore can take a low paying job and not feel very committed to it?
  • If a good Sysadmin takes a job at that rate, how long will it be before they decide that they need more money and leave?
  • What is the impact of having a heavy rotation among the staff that maintain and upgrade your technology?
  • What is the impact of having of having often empty critical IT positions?

But, let’s get really into this. Unless the IT people that are hired at the 75% rate are extremely mature, then they might have some of the common failings of immature Sysadmins:

  • Many are often controlling and secretive. I’ve been in multiple situations where I’ve come into an organization and learned that the prior IT staff left with the key system passwords.  I’ve also seen numerous situations where the IT staff left en masse.
  • Most Sysadmins are lousy about writing things down.  What is the ramp-up time for your new staff when they have to research and guess how everything works on arrival?
  • The general instinct of a new IT person is to rip everything out and install their favorite things. Got Windows? They like Linux.  Got Word? They like Google Docs.  They don’t necessarily understand that one platform is much like another, but imposing massive change on an organization can be dangerously disruptive.

Technology candidates need to be assessed not only for their technical skills, but also for their attitude and maturity.  A very sharp tech, who can answer all of your Outlook questions, might have little patience for documenting his or her work or sharing knowledge with other technical staff. And those skills are the ones that will allow you to transition more smoothly when the tech leaves.

Mission is a motivator, and it has value that can be factored in to overall compensation, but not to the point where it’s so unattractive that it knocks the pool of candidates down to a pool of uncommitted or desperate ones.  The impact of paying poorly isn’t isolated to the salary bucket on the balance sheet.  In many cases, particularly with technology, it’s tied directly to the ability to operate.