Keys to the Kingdom
This post was originally posted on the Idealware Blog in December of 2008.
Being a career nonprofit IT type, I’ve repeatedly had the unpleasant experience of walking into a new job, only to find that critical information, such as software licenses and server passwords, are nowhere to be found. So before I can start to manage a new network, I have to hack it. This sort of thing happens in other industries as well, but it strikes me as something that plagues nonprofits. On one extreme, we might have staff who become bitter and malicious as they depart, destroying records and withholding passwords. But even if the situation isn’t that dramatic, keeping track of sensitive, critical data is a bit tedious, and concerns about security and confidentiality make it additionally complex. Protecting and keeping this information available to the staff that need it can save a lot of time, money and frustration. Here are some suggestions:
Follow procedures: in tight budget and staffing conditions, the approach to IT management is often reactive and chaotic. Many key NPO IT Managers came into the role as “accidental techies”, which implies that many nonprofits only support technology by accident. In an environment where the Office Manager, Donations Clerk or a volunteer ends up deploying the servers and installing applications, it’s a safe assumption that there aren’t well-crafted IT policies in place. In this environment, losing critical passwords — or even failing to ever write them down — can be a regular occurrence.
Involve all stakeholders:Don’t assume that your It staff – who are already struggling to juggle the big projects with user support — are keeping good records. Audit them, assist them and back them up. Finance can take a role in tracking license keys along with purchase records. And far too many nonprofit executives don’t even ask for the system passwords. There is no good reason – no matter how many a tech might come up with – why the CEO or head of security shouldn’t keep an updated, sealed envelope with key passwords in the safe in case of sudden turnover or emergency. I’ve worked with a lot of techies who would scream about this. “The CEO can’t have the password! They’ll delete files! They’ll mess it all up!” Well, the CEO shouldn’t use the password. But they should definitely have it.
Foster a culture that allows technology staff to succeed: in two of my personal cases, the staff before me had left en masse and bitterly. They took the main network password with them and wiped out a lot of the IT records. Clearly, this is immature and unprofessional behavior. I wouldn’t think to defend it. But the circumstances that lead some immature techs to be resentful and abusive can be fostered by certain work conditions. If you are a nonprofit executive, there are some things that you can do to create an environment that is less conducive to bitterness and abuse.
- Have realistic expectations for IT. If you don’t know how easy or hard it is to, say, upgrade a server or roll out a CRM system, don’t make assumptions. Hire a consultant, get a sense of what’s required, and adjust your expectations accordingly.
- Participate. Have all staff participate in technology planning and adoption. There are people who install systems and there are people who use them. The installation has to be a joint process. Techs can not be held accountable for determining user’s needs, and users can not be solely responsible for evaluating technology. Whenever IT buys the system without user input, or users pick a system without technical oversight, the relationship between IT and staff becomes strained. Joint responsibility and accountability for system choices is required for a healthy environment.
- Be appreciative. Tech support can be a very thankless job, and the smaller the staff and budget, the less rewarding. When your computer stalls or malfunctions, it can be frustrating. Even if you, personally, don’t take that frustration out on the tech who comes to fix it, are the rest of your co-workers that patient?
- Don’t hire extremes. When hiring technical staff, assess their people skills. Make sure that their focus is on how technology supports the org, not strictly on the technology. At the same time, assess the non-IT staff for their technical skills, and hire people who are competent and appreciative of technology. We are long, long past the day when all computer support and expertise could be delegated to the IT Department.
It boils down to organizational culture and priorities. The hectic, resource-strained environments that many of us work in aren’t conducive to good record-keeping habits. This problem is bolstered by the general case where upper management is, for various reasons, ranging from misplaced faith to technophobia, not thinking of IT as a keeper of critical organizational records. But the truth is that a failure to keep it all written down is inevitably going to cost you, in dollars and productivity. The best solutions are holistic – create a culture where accountability for organizational assets is clear to all and shared by all, and, in particular, understand enough about the technical demands put on your IT staff – accidental and otherwise – to allow them to prioritize the small stuff along with all of the big projects and constant fires they put out.