On the heels of my webinar on Technology Best Practices in During a Pandemic, I presented with my colleague Jeffrey Bernstein, Director of Marcum Technology’s Cybersecurity practice, on the companion topic – Information Security Governance in Times of Pandemic. As is mentioned in the earlier slides, the disruption we’re facing comes with new information security risks. Fore many of the nonprofits that I work with and speak to, the top priority in March and April was getting people working remotely, and that understandably took priority. But now that the technical hurdles have presumably become more manageable, it’s time to think about the increased risks.
The risks fall into two categories: Internal and external. Internally, your staff might now be using home computers and routers to perform company business. Do you know how secure those systems are? Do the computers have adequate threat protection software? Do the routers have unique passwords?
Externally, the scammers are out in force and their texts and emails are extra compelling in an environment where we all are on a heightened alert for our health.
Certainly, organizations that had mature security plans and procedures were better prepared for this than those just scraping by. The presentation linked below starts by addressing the urgent items, but covers the range of what you should do both during and after the current crisis ends.
I’ve been neglectful of my blog, and it seems like a good time to report on what I’ve been up to. So here are some things that I’ve been working on that might be useful, both for dealing with the current catastrophe and managing technology in general.:
First, I’m presenting a webinar today (4/21/2020) on Technology Best Practices in Pandemic Times for the Greater New Orleans Foundation. If you’re reading this before 3:00 PM EDT, you can register here. My audience, I’m told, will be 100-150 employees of New Orleans Nonprofits. My assumption is that half of these orgs are already in the cloud, so the switch to remote work wasn’t too technical a challenge for them, but that the other half have documents on a shared drive on a server and their options for connecting from home are difficult and likely insecure. Beyond that, what I’m seeing is that companies that are using collaborative tools like Slack and MicroSoft Teams to keep staff engaged are doing much better with this than the ones that just made sure that their people could connect and are communicating strictly through voice, email, and the occasional video-conference. Virtual work can be isolating and challenging, and the transition is about far more than just the tech. I wrote an article about this for Marcum’s CoronaVirus Resource Center a few weeks ago.
Much of my work at Marcum Technology involves helping companies with their CRM and document management implementations. While I support orgs on multiple platforms, the ones I see most often are Salesforce and Office 365. For the former, I find that there is some confusion as to what Salesforce is and isn’t. We know that it’s a powerful contact management and sales/fundraising system. But it seems like it’s being used to do just about everything these days. My take is that it’s better at some things than others, and that the investment is not always justified. My article “Should You Use Salesforce?” dives deep into those questions. Similarly, Office 365 offers a variety of tools for managing documents: Sharepoint, Onedrive, and Teams. I don’t think it’s as much a question of which one to use as it is how to use them in concert, making the most of each application’s strengths. My article “Managing Documents With Office 365” pitches a solution that makes use of all three applications.
Since I left my job at Legal Services Corporation last year, I’ve been doing consulting and Interim CIO work in order to get the bills paid while looking for new work, and I’ve decided to make that the full-time gig. I am officially available to help out organizations with technology management and strategy. As always, my preference is to work with organizations that help people and/or the planet. Here are some of the ways that I can do that:
Act as a CIO: serve as your Chief Technologist on a part-time and/or interim basis. This can be helpful for an org that is either just setting out to implement technology strategy and/or infrastructure, or needs to reassess what they have in place, but doesn’t want to commit to hiring a full-time employee in the role. By working as an embedded contractor, I can get to know a company’s people, processes, and culture in order to provide relevant and effective tech recommendations. I can also work with existing staff to refocus IT attitudes and organizational engagement.
Assess your Technology Systems: hardware, software, people, and processes. Identify the technology solutions that will meet your mission’s goals and develop a roadmap to work from.
Perform Business Process Analyses around technology and data use. Determine the key processes that major systems need to support and automate prior to a major system selection or upgrade. CRM (Constituent/Donor Relationship Management), ERP (Enterprise Resource Planning, e.g. Finance, HR, backend automation), DMS (knowledge and information management systems), and AMS (Association Management Software), to name a few.
Oversee Software Selection Processes: from determining needs, identifying applications and vendors, assessing the systems (RFPs, Demos), and negotiating the contract.
Mentor Technology Staff and help strategically develop information management and technology support processes in an organization.
Advise on Information Security, and/or manage a vendor performing an assessment.
Review, Revise, and Develop IT and Security Policies.
Manage Technology Projects.
In addition to my broad experience and expertise in nonprofit tech, I have a wide network of experts and consultants to support my work. My resume is here, and my LinkedIn profile is here. And I’m easy to contact as psc here at techcafeteria.com or peterscampbell at Google’s email service.