Listen to Podcast
Like podcasts? Find our full archive here or anywhere you listen to podcasts: search Community IT Innovators Nonprofit Technology Topics on Apple, Google, Stitcher, Pandora, and more. Or ask your smart speaker.
Building a Foundation for IT Innovation
Join Pat Sprehe, Carolyn Woodard, and Sarah Wolfe for insights from over 20 years supporting nonprofits into when to take a chance and innovate, and when to invest in the IT basics first.
For every success story you hear about an innovative new app or technique that a nonprofit used to change their sector, you probably know dozens of nonprofits with “big idea” tech projects that didn’t deliver.
How can your leadership team tell the difference between an IT idea that your organization can support and one that will cause wide-reaching headaches? Is your nonprofit ready to innovate? Are you trying to cut corners where you shouldn’t?
When should you invest your resources first in getting your existing IT house in order and when should you go big?
This webinar presents a framework to help identify when to take an IT chance, based on your nonprofit size, lifecycle stage, leadership, culture, cybersecurity needs, and existing IT status.
Having served nonprofits exclusively for 20+ years, we also provide a checklist of basic IT must-haves that every nonprofit executive needs to know about, whether or not you plan on an innovative project.
It’s worth reflecting on that innovations don’t necessarily need to be the newest thing. They don’t even need to be cutting edge. If you’re on the cutting edge, you can get cut and as nonprofits we don’t necessarily want to be the ones on that edge.Pat Sprehe
Patrick Sprehe joined Community IT in 2010 and has provided technical support to a variety of clients on a variety of issues. As IT Business Manager Team Lead, Patrick manages the team that guides our clients’ IT roadmaps and provides help with overcoming their nonprofit technology challenges. Patrick graduated from University of Maryland, University College with a B.S. in Information Technology. Patrick is also a certified BRM (Business Relationship Management) Professional. Patrick enjoyed sharing insights from years of service and helping you shape your approach to innovation based on success stories.
Carolyn Woodard is currently head of Marketing at Community IT Innovators. She has served many roles at Community IT, from client to project manager to marketing. With over twenty years of experience in the nonprofit world, including as a nonprofit technology project manager and Director of IT at both large and small organizations, Carolyn knows the frustrations and delights of working with technology professionals, accidental techies, executives, and staff to deliver your organization’s mission and keep your IT infrastructure operating. She has a master’s degree in Nonprofit Management from Johns Hopkins University and received her undergraduate degree in English Literature from Williams College.
Sarah Wolfe is Sales Manager at Community IT Innovators. A DC Area native, Sarah has years of experience interacting with nonprofits of all sizes in her role ensuring partner organizations are receiving the right combination of IT support services to meet their organizational needs and goals. She is a founder of the internal BLM working group at Community IT and recently organized and moderated panels on diversity in nonprofit tech and basic IT support for accidental techies. Prior to joining Community IT, Sarah was a science teacher at various schools in Maryland. She attended Oberlin College in Ohio, graduating in 2008 with a Bachelor of Arts in Biology. This topic of the consequences of not building a foundation for IT innovation is one she thinks about a lot in her interactions with prospective clients and she loves sharing her insights and hearing your stories of risk and reward.
Carolyn Woodard: Hello, everyone. Welcome to the Community IT Innovators webinar, Building a Foundation for IT Innovation at Nonprofits. Innovations in nonprofit tech are trendy and it seems like every day we hear a new story about a nonprofit doing a great job with a new tool or a new approach, but since we work in nonprofits, we know there are virtually no quick fixes out there to our problems, and that goes for tech too.
So how do you know when you are making a good investment and how do you know when the risk is too big?
Our learning objectives for this session today are that after the session:
- You’ll be able to describe nonprofit innovations in tech and why they may be good or detrimental.
- You’ll be able to describe five dimensions you can use to think about the readiness of your nonprofit to take on an innovative IT project.
- And you’ll be able to describe basic IT fundamentals that all nonprofits need to take care of, especially when considering an IT innovation.
The presentation today is based on a free download from our site. I’ll share the link in the chat in just a moment if you haven’t already downloaded it. But don’t worry, we’re going to go through it. If you want more detail in-depth, you can look through the guide.
Before we begin, if you’re not familiar with Community IT just a little bit about us. We are a 100% employee owned, managed services provider. We provide outsourced IT support. We work exclusively with nonprofit organizations and our mission is to help nonprofits accomplish their missions with the effective use of technology. We serve nonprofits across the United States, and we’ve been doing this for over 20 years. We are technology experts and we are consistently given the MSP 501 recognition for being a top MSP, which is an honor that we received again in 2021. So Pat, would you like to introduce yourself?
Patrick Sprehe: Sure. My name is Patrick Sprehe, I use he/him pronouns. I am the IT Business Manager Team Lead at Community IT. My team helps our clients help them accomplish their nonprofit missions with IT planning and guidance, budgeting, road mapping, all that kind of stuff. We tend to field the non-troubleshooting technical questions, things like, How do I best secure my network? What kind of or how to accomplish certain IT projects or initiatives and just other general questions and planning items.
Sarah Wolfe: My name is Sarah I use she/her pronouns. Community IT is located in DC. I’m a DC native and I joined Community IT in March of 2018 and I am now Sales Manager and have been for about six months.
I hear a lot of stories from prospective clients who are coming in and needing help with getting their IT in line. And so, one of the things we talk about is the strategic planning that goes around bringing somebody in to help manage their IT, and also what to do with some of the larger strategic plans that are going to be coming down the pipe. Carolyn?
Carolyn Woodard: Thanks, Sarah. My name is Carolyn Woodard. I’m Marketing Director at Community IT, and I’ll be monitoring the Q&A in the chat today and helping Pat and Sarah with their presentation. I’ve worked at large international nonprofits and at smaller nonprofits and I managed IT at nonprofits. So that has also helped me gather some of the anecdotes and information we’re going to cover today.
I’ve been thinking about this for many years over my career, and one of the things I think about is how the media and funders love nonprofit innovation stories, particularly around tech. Today we want to stress that we really support innovative technology at nonprofits. You can solve lots of problems in lots of creative ways. We know that the nonprofit sector is good at doing that. Every day there are new stories, as I said, they make us feel good about the way nonprofits can do more with a little ingenuity.
But I think if you work at nonprofits, you’ve probably been burned by tech at nonprofits potentially. Today, we’re going to talk about our framework for deciding when tech innovations are good investments.
To start out, some definitions of the kind of Nonprofit IT Innovations we’re talking about:
- it could be an app,
- it could be new IT,
- it could be an innovative use of existing IT,
and all these types of innovation are potentially great and potentially risky. So I want to make sure to mention here too, that we sometimes see nonprofits adapt existing IT to do something slightly different either because the tool doesn’t exist for the nonprofit sector or because we’ve chosen the wrong tool and we’re trying to make the tool that we have fit the situation that we have. So it can be a problem to try to force a tool or a platform to do a nonprofit thing, but sometimes it can be successful.
Today, we’re going to talk a little bit about different innovations that might be considered hacks or innovations in their own right, but in any case, it’s important to do a software platform selection assessment. Make sure that you’ve identified your business or mission needs and that the tools you’re considering are going to address those needs and solve those problems.
We’re going to ask you to do a poll for us to start out: Is your nonprofit innovative about IT?
You can say
- we have completed a successful and innovative IT project, or
- yes, we had challenges, but overall, our IT project was a success, or
- sort of – our IT innovation was successful in some ways, but not in others.
- I don’t know, we’re in the middle of an IT innovation right now.
- No, our attempted innovation was a big fail, or
- we have not attempted any IT innovation recently.
For the nonprofit IT innovations being in the news, I’m not going to spend a ton of time on these because you probably have your own anecdotes that you have thought of or are familiar with.
But one that happened recently is this Ukraine Take Shelter which is a cautionary tale around innovations. So there was an entrepreneur who wanted to create an Airbnb style instant website that would connect refugees from Ukraine with temporary housing. But he didn’t work with established refugee resettlement organizations or properly vet the hosts. And that was a really big red flag for those families. Who knows what kind of host families they were?
But then on the other side for a success story probably most of us are familiar with The Oregon Trail which was a very innovative computer game for education and launched a whole education genre of games.
Those are two examples of ways that nonprofits have been and can be innovative.
Framework of Considerations
Today we’re going to talk about the different dimensions that we use at Community IT when we help nonprofits think through their readiness for IT innovation.
The different dimensions are:
- your culture: leadership, IT decision making, your staff, your budget.
- A second dimension is your life cycle stage, the age and growth of your organization, how big are you? And are you a startup? Are you a long term established nonprofit? Those kinds of questions.
- We have another dimension that is your level of entrepreneurship. So are you an entrepreneurial organization, or not?
- if you have any special security concerns,
- and we’re going to finish up with a discussion of IT basics that form the foundation and every nonprofit needs to have in place before you can even think about trying to do an innovation on top of that foundation.
Sarah Wolfe: One of the biggest things that impacts your ability to innovate is your culture. Understanding how your leadership and your IT works is really important. Knowing if your executive team prioritizes IT as an integral business function, or do they always want the latest and greatest fix or are they willing to look at what you currently have and see if that fills a need in a way that you haven’t anticipated before?
Making sure that you have the budget and the bandwidth to undertake an IT project and making sure that, if you have a director of IT, or somebody filling that role, do they have the capacity in the organization and have they taken the temperature of the rest of the organization to make sure they have the capacity to implement whatever tech innovation or tech project you’re wanting to have?
One of the biggest things that is important is to make sure that you listen to your staff and help meet the needs that they’re having. If you have an organization that hasn’t properly created the baseline and base work for a new project or a new technology, you’re going to have the same organization that ends up reverting right back to the same old policies and practices. Then a new tool isn’t implemented properly. We’re also going to move over to life cycle, which Pat’s going to take lead on.
Patrick Sprehe: Yeah. We’ve organized the life cycle into four different groups.
- We have our startup sized organizations, which tend to be very small, maybe up to 10 people.
- Our growing organizations, which are from 10 to 30.
- Mid-size is from 30 to about 100,
- and then our mature organizations, which are a hundred plus.
It’s not directly correlated with the size of the organization.
Some of it is cultural, but in a startup organization and a very small organization, we tend to see the organization as being very mission focused.
Technology and frankly, everything that’s administrative, becomes very secondary to working on the mission. Planning for technology becomes very deprioritized and it’s less necessary in a small organization. Things are just much more complicated. If there’s any issues, you can just talk to people very easily. It’s clear who owns what throughout the organization.
Innovation tends to be very, very fast. Often what will happen is that somebody has a need, so they go find a technology. Then that becomes the technology that’s used for the organization.
For example, if you have a video that needs to be published and somebody decides, I’m going to do this on Vimeo, Vimeo becomes the platform in which all videos are published for the organization.
Because the organization is so small, change becomes very easy and it’s very easy to communicate and to spread that change throughout the organization.
As the organization gets larger the way you have to do things changes. This doesn’t just apply to IT either, right? The way you communicate, the way you make decisions, the leadership, all of that needs to change. In a growing organization teams start to form, there starts to be some hierarchy.
And it’s not enough just to work on delivering the mission. You have to think about how the work is done. And so you start to need standardized IT, IT budgeting, somebody who owns IT, it doesn’t have to be necessarily an IT person, but there needs to be some sort of COO or Director role who owns the IT piece.
At this point the priority becomes putting IT in good order. Making sure that there’s a solid baseline, that IT is working well and that people can do their work.
The purpose of IT is to help the organization accomplish the mission. So there needs to be good working IT to accomplish that mission.
One of the things Sarah mentioned talking about culture, is that you want leadership that sees IT as an integral business function, that doesn’t see IT necessarily as a cost, but as an investment that has a return.
In order to innovate at this step you need more than just somebody doing something. You need leadership to have buy-in. Leadership needs to be either encouraging or championing innovation in technology.
One thing to note here is that innovation is not a good way to fix problems. We had a question about how to decide whether you should move to a new software in order to help improve what you’re doing at work, for example, avoiding redundancy. If you have a problem with the process that you’re trying to fix, you need to fix the process and then you need to find technology to implement that process.
What you can do is use technology as a guide. Most technology is based around best practices. The way you use it should align with those best practices.
We have an organization that we often work with called Build Consulting, and as Sarah alluded to, they have an equation, which is old organization plus new technology equals expensive old organization. If you don’t solve the underlying problems, then implementing a new technology on top of those problems is just going to result in something of an innovation disaster.
Moving on, looking at a more mid-sized organization.
Now we’re looking at an organization that has more levels of management. You’re starting to get to a size that maybe not all staff have met or know each other. You start to really need clear IT infrastructure standardized across the organization.
Hopefully you have defined IT leadership roles. Whenever you’re innovating, you need buy-in from both leadership across the organization, as well as the rank and file. You need clear decision making, getting input from all the different stakeholders. You want clear communication on any changes. You want training for staff on technology systems processes. You want to make sure that people know what’s expected of them, when it comes to change.
And then finally with a mature organization you want to have not only the IT leadership and budget. You want the leadership in the budget to have the capacity in terms of money, in terms of time, in terms of decision making freedom, and access to other leadership to build innovation.
There needs to be a very clear evaluation of risk, especially as you’re growing larger and as you mature. You do stand to lose quite a bit more if you’re larger and an innovation goes south than if you’re small and you can just move faster.
For large organizations, we tend to see them go in two directions.
You will see organizations where they have a very good budget and they have a very good technology foundation of not just the infrastructure that they have, but that the staff are very comfortable with technology and they’re using and are very open to innovation or new technology.
And then we’ll see organizations where they’re a little more set in their ways, a little more risk averse and less tech savvy. That’s not really a bad thing by any means. If it’s not broken, why fix it? But it does mean that innovation is a challenge.
We had a question about how you innovate if your staff are very low tech or don’t have a very good understanding of technology. I think the main thing I’ll mention here is, you definitely want leadership buy-in. You also want to find champions and allies throughout the organization. Let’s say you’re trying to encourage the organization to move to Slack for collaboration.
Have somebody on a team and every time they’re meeting with their team, say, why don’t I send you this over Slack? Or, why don’t we continue this conversation over Slack, or let’s have this meeting in Slack, and it’s just Slack, Slack, Slack, Slack. Other people are going to hear that. They’re going to start moving into Slack ,as well.
The other thing I’ll say is, start small. You don’t need to move every team to Slack all at once, continuing that example. Make it easy, make it make sense.
If you are implementing a change to an organization, you want to make it make sense to people, to leadership. You can present the return on the investment, the ROI. Most staff are also committed to the mission, they often respond to that same idea as well.
For All Sizes
Yeah, and then for organizations of all sizes, the thing to keep in mind is that the biggest challenge is not the technology, it’s just the act of changing.
Some years ago, when we moved from our file server to SharePoint, to having our files in the cloud, SharePoint was way easier, way more convenient for me. I’m very comfortable with technology, obviously. But I just had to develop the habit of going to SharePoint and remembering where files were instead of the way I had them on the file server. It just took time and it just took practice. You definitely want to work on that change management and that constant reminder to people.
Another example is, we are an IT MSP. We have a help desk. We have a lot of clients and for our clients, we have a document management system; we document all of our clients’ IT. When we implemented that system, I trained all of our different teams on it. I asked for feedback and I got silence. Nobody had anything to say about it.
It didn’t seem like people were really using it until about six months went by. Every time someone would reach out to me and mention something about a client, I would say, “Great. Thank you for letting me know, can you please document that in our document management system?” It’s that constant reminder and that process to get it going.
Training, communication, all of that is critical. We want to make sure staff know what is expected of them. I tend to talk a lot about internal innovation, because that’s what I tend to work with. But also constituents, you want to communicate very clearly to your constituents, to your community, what is coming and what is expected.
Also, know how you’re going to support and maintain new services. I mentioned our document management system. We’re actually rolling out an add-on that will let us collaborate with some of our clients that have internal IT. But before I can roll that out to those clients, I need to make sure that everybody internally knows if somebody comes with an issue about that system, where they go and who they are going to go to. The answer is me.
And then finally, two guidelines for any kind of new products or services, is that you want to make sure that you have security built in. The principle of secure by design is a standard in Community IT and you want to try to be cloud first. Sometimes it doesn’t make sense to be cloud first and you end up needing to have on-prem solutions, but that’s the direction the world is moving. It just makes everything much more mobile and flexible to move into the cloud.
Carolyn Woodard: That is so true. Thank you so much for that Pat, and yeah, communication is such a fundamental piece of everything that we’re talking about today.
I am going to talk a little bit more about entrepreneurial organizations and less entrepreneurial organizations.
So when I talk about entrepreneurial, I worked at a very entrepreneurial organization back in the day, and then one of my good friends there left and started working at a very traditional, very large, very old nonprofit. We used to go get lunch and compare notes on these two different large organizations. When I think about it and talk about it, entrepreneurial organizations might be more rule breaking. That might be a culture that’s set by the founder or by the mission, the thing that that nonprofit does.
More traditional or rule following organizations, that’s more traditional. Things go in a certain way and you do things in a certain way, and you’ve been doing them that way for a long time.
I don’t want to put any kind of judgment on either one of those, because they’re both incredibly necessary and incredibly valid ways for a nonprofit to operate.
Anyway, being an entrepreneurial organization isn’t a slam dunk in terms of being good at delivering IT innovation or being successful at IT changes. So while it is true that entrepreneurial cultures like big new ideas, entrepreneurs often have a lot of trouble following through, paying attention to detail, doing all of the kind of boring, repetitive stuff that you need to do to make certain tech work.
Entrepreneurial culture also, in my experience, creates a lot of competition. If you have departments that are entrepreneurial, are all in different silos they’re all seeing themselves as competing for an IT budget. As Pat was saying, often with a startup someone sees a problem, they go out, they get the tool that they need to solve their problem, but as an organization grows and you have different departments that are all doing that, it can be really, really hard to coordinate them and to get them to cooperate in IT that they’re trying to implement. So they can also see that budget as a zero sum gain. They need to get their budget for IT, for their project, and there’s not a lot of emphasis on coordinating that.
On the other hand, as Pat mentioned, entrepreneurial organizations do value and reward innovative thinking. They’re generally supportive of taking initiative, thinking outside the box. You don’t need to convince them to take a risk. So they can be very supportive. It’s just trying to make sure that you have the commitment, the communication, and that support to see an innovative tech project all the way through.
And then on the flip side, being at a more traditional and mature established nonprofit can actually create a really healthy culture for IT innovation, which seems a little bit counterintuitive, but on the plus side, large traditional older nonprofits often have a very well-established internal culture.
So if you can find the mechanisms to help staff bring up their knowledge of bottlenecks or processes or ways that you’re delivering your services that are ripe for some change, that would make them work better, you can utilize that staff experience and understanding to find those points where an IT innovation is going to make a big change and a very useful change.
You can also use the established processes to make those innovations or the new technology standard. Large organizations often spend a lot of time on their staff training. They get everybody to do a thing in the same way, the same thing. When you introduce a new tool, you have a lot of internal processes at your disposal to get new people using the new tool and doing the training with them.
Pat mentioned a little bit about having cheerleaders or having internal trainers or people who are really excited about the new thing and having brown bags or different opportunities for peer to peer training and enthusiasm to help that technology work.
Of course, non-entrepreneurial leadership may be hard to convince to take a risk. Also, if your budget for IT or your IT leadership aren’t in great shape, then you would need to focus your attention on fixing the decision making processes that you have and your basic IT fundamentals rather than trying to innovate.
There really is no way to innovate your way out of foundational issues. All of this is assuming that you have really good communication, which is the bedrock indicator of how ready your nonprofit is to try new things and how successful you’re going to be at change management.
Pat and Sarah, you were going to talk about security.
Sarah Wolfe: In communication and innovation, all nonprofits at this point have to worry about cybersecurity. There is no being too small to be a risk anymore. Everything’s changed, everyone’s a target and everybody needs to treat cybersecurity as a priority. A lot of organizations that have already started doing that are nonprofits that have data or clients or constituents who create an increased risk or working in an advocacy sphere that is at increased risk.
And harkening back to the beginning of the webinar, when we were talking about the app for Ukrainian refugees, they were very at risk and the security addressing that was really important.
When you know that you’re working with somebody with something that makes them vulnerable or more at risk for IT and cybersecurity threats, especially by a state sponsored interest, you really have to make sure that whatever your innovation is meets the added layers of security that you need. They’re compliance regulations or just making sure that the innovation melds well with your current security practices. And if it doesn’t, include that in your risk assessment about whether or not that should be something that you adopt, or is there something that will mesh better that does the same thing that you’re trying to get a new innovation to do.
I would be very frowned upon if I didn’t mention that one of the basics is MFA and that everybody should have MFA because that is one of the biggest basic IT security things that is in play right now.
Pat’s going to expand more on your IT basics and must haves.
Carolyn Woodard: Before we go on, though can we just make sure everyone knows what MFA is?
Patrick Sprehe: Yeah, I can jump in and explain it. MFA refers to Multi Factor Authentication. So if you think about a factor being something that authenticates you, so your password is a factor, and then another one would be, if you log into your bank website, they typically send a text message to your phone and you have to punch in that number, and so that’s another factor. And the password is something you know, the phone is something that you have and so those are two separate categories.
The third one being something that you are such as a biometric reading or your physical appearance, that kind of thing. One note about MFA is that there have been a lot of account compromises and hacks and all kinds of things over the past couple years to the point that the cyber insurance industry got hit really hard.
They are now requiring that anybody who needs cyber insurance has MFA on most cloud accounts or remote access tools. So we’ve been implementing a lot of MFA on a deadline very frequently. And so, I strongly recommend that you implement MFA.
I know our CTO, Matt Eshelman has done a couple webinars over the past few months about things like our nonprofit security incident report. And one of the points he made is that we had something like 30 or 40 account compromises last year that we responded to. None of those accounts had MFA on them. Accounts that have MFA on them are generally protected as long as you’re careful, obviously, but generally protected against account compromises.
IT Basics – Must Haves
So then moving on to IT basics, to the must haves. I’m going to start with infrastructure. Generally you want good infrastructure.You want your staff to be using good computers. If they’re using slow computers, they’re losing half an hour a day. That adds up to a lot of time loss, two and a half hours a week, about 10 hours a month. So you want people on good computers.
You want to keep those computers up to date and replace them regularly. You want to make sure that those computers are getting updated and patched and that any kind of data is being backed up. You also want your infrastructure systems to be maintained.
These days, a lot of infrastructure systems are in the cloud, but if you have servers, you need to replace those regularly.
Other infrastructure such as firewalls, wireless network switches, those kinds of things, you want to replace regularly, as well.
When you are replacing something or making any other change you want to make sure that you are planning and designing around what you need.
We’ve been talking about how you don’t always need the latest and the greatest. Sometimes what you want is just what gives you the biggest bang for your buck. But when you’re implementing them again, the technology is not really the challenge, it’s the change.
You want to make sure that you are managing that change and that users are adopting it. Ideally, you’re looking for options that integrate with what else you have or finding ways to integrate them and that you are budgeting for those changes. Not just the technology, but also for the change and that it’s fitting into a bigger part of your strategy.
Again, the purpose of technology is to help you fulfill the mission of your organization. So what you’re doing with technology should be aligning with what you are doing as an organization and whatever the business goals of your organization are. When you’re planning, you should always be planning for security.
So we talk about identity management.
So identity basically refers to your account, or more often than not your accounts, since I’m sure all of you have different services that you log into. If managing those different identities, those different accounts is complicated or difficult, there are a couple options.
Single Sign On is a great option, which lets you log into essentially one place, and then you are given permission to access all of the different services that you need.
Password manager is a great choice. I highly recommend them both professionally and personally. I have one that I use just for my passwords and then our organization has one that we use more broadly.
Access control, we see this implemented strongly at some organizations and it’s more open at others, but this is basically who has access to what at the organization generally, in terms of files.
Obviously, you probably want your finance files and your HR files locked down. And maybe different teams have open access to their team files.
Your communications team or your marketing team may not be worried about other employees seeing what campaigns they’re running, for example, but you do want some protection against people coming in from the outside and intruding on your IT, whether that’s in the cloud or on-prem.
Then, of course, your organization may have compliance requirements that you need to be responsible for, as well.
You want to have some operational support. You want to have somewhere where you can go when you have a problem. We have a remote help desk.
We also offer onsite services for those clients that need or want to have somebody on site. We also have escalation and we work with a lot of organizations that have an internal IT person who when they need to, can hand stuff off to us.
If things get very busy, if they’re on vacation, they can hand it to our help desk or if it’s beyond what they can handle, they can escalate it to our senior engineer team.
We also have a projects team that specifically handles implementing projects. Those can be big projects; we’ve moved file systems from servers to the cloud. We implement MFA which can be a pretty small project, password managers, through infrastructure maintenance as well.
One thing to mention is that hopefully all of this is underpinned by an IT policy that governs what is expected and what we want to see from IT.
So we strongly recommend starting with good policy. Sarah?
Sarah Wolfe: Yeah, that actually is the final bullet on the second must haves list. Especially for nonprofits, we understand that budgeting for things is very important and reducing the number of surprise purchases during a fiscal year is incredibly important.
Having a hardware life cycle management plan, some people call it a hardware refresh cycle is really important and it’s not just for computers, it’s for everything: your firewalls, your wireless access points. If you have an on-premises server, anything that’s hardware is going to need to get replaced at some point. Making sure that you do that and plan for that is important.
Most organizations are in Office 365 or Google Workspace. Whatever your platform is for email and file storage, you want to make sure you’re using the right licenses. There are a lot of different varieties of licenses and they give access to different tools that that platform provides. Some of them are able to give really robust cybersecurity monitoring, help desk support, capabilities. Making sure that you are using the right license for what you need is really important. Sometimes it does require a little bit more investment than just using the 10 free business licenses, but it’s worth it.
Regardless of whether or not you’re in the cloud or on premises, a lot of people are starting to work 100% or at least partially remotely. Being able to have accessible files is one of the most important things to keep your uptime and keep your productivity up.
Cloud storage is generally much more accessible and has a better uptime than having an on-premises server that you then have to remote into either through a VPN or a remote desktop-like service, whatever that’s using. So making sure that you have accessible files, usually it’s accessible cloud storage, is really important.
Patrick Sprehe: Yeah. In addition to just being accessible, cloud storage is also more flexible in terms of collaboration. You can share it not only with internal colleagues, but you can share it with external partners who can also collaborate on it.
Of course, you want all of this to be secure. You want to make sure that you are documenting things like access controls, who has access to different folders and different sections in terms of files, what folders can be shared and what cannot be shared.
Again, you probably don’t want your finance department folders to be shareable to external partners. All of this, hopefully has multifactor authentication.
One of the advantages of the cloud, because of the economy of scale, is that it’s easier to implement things like multifactor authentication than it is on a server.
And you want your staff to be trained on security. We use a product called KnowBe4 that lets us send test phishing emails. It lets us send training modules to people, so we are training them pretty regularly and keeping that fresh and keeping that up to date and keeping them aware.
And then we want our collaboration tools. So whether it’s Slack, whether it’s Microsoft Teams, it could be Zoom, it could just be email, but we want it to be secure and we want it to be well utilized.
If you are introducing a tool that nobody’s really using, then maybe you need to think about how best to either work with the organization to improve utilization, or maybe it’s just not a tool that people need or want to use.
To come back to IT governance, we want IT to have an owner and we want there to be a policy that says what’s expected, what’s an acceptable use of IT equipment, and other documents that may be useful or things like disaster recovery or an incident response plan. So how and when to respond to an incident, to an issue.
Sarah Wolfe: And don’t let those policies get made and then just sit on a shelf for seven years. They have to be constantly refreshed and checked to make sure that they are keeping up with the times. We had a big tech jump happen throughout the pandemic, and making sure we have the IT governance and the documentation adapted to that is really important.
Carolyn has put in a link in the chat already for the PDF and free guide of this extended conversation.
Carolyn Woodard: Yes, we encourage everyone to download the guide and I think the next slide is our takeaways to go back over the learning objectives.
Being able to talk about tech innovations in the news and our five dimensions that we went through of the different dimensions to think about for your nonprofit and how ready you are to pursue an innovation or even just to pursue a change in your IT.
It might be an IT that’s new to you that you would need all this in order to think about how to make it successful, basically.
And then also to be able to describe, as Pat and Sarah just went through, what we consider the basic foundations that every nonprofit needs to have in place in terms of IT. That’s all also in the download.
So you can find it there if you were struggling to take notes with all that good information.
Question and Answer
We did have a question come in through Q&A, in an organization looking forward to implementing Salesforce. Is that an IT innovation in your opinion? If not, why not? And if yes, what are keys to implementation success with something like Salesforce?
I’m not sure what system they are moving to Salesforce from. Pat, if you have any experience with that, you want to take on that question?
Patrick Sprehe: Yeah. Salesforce is a very flexible platform. So the short answer is yes, it is an innovation.
It’s worth reflecting on that innovations don’t necessarily need to be the newest thing. They don’t even need to be cutting edge. If you’re on the cutting edge, you can get cut and as nonprofits we don’t necessarily want to be the ones on that edge.
So yes, it’s an innovation. I would say make sure as you’re deploying it that you’re testing it and that you are also deploying it in small groups first. So you can think of having a pilot group.
I find that’s extremely useful. They can try it out, they can give feedback. I mentioned in my experience with our document management system, that when I asked for feedback, nobody had anything to say. In reflection, it might have helped if I had had some guiding questions to give them first.
You may want to develop a survey as you’re showing it to people. And as you’re training teams, just say, you know some questions to give them some guidance on the kind of things that you want them to respond with. And then start small, do it in groups, and then hopefully spread it to the organization.
And remember to keep reinforcing it because again, it’s a habit change and changing habits is hard. You want to do all the things, James Clear in his book, “Atomic Habits” is all about habit change. New York times bestseller, he talks about making it easy, making it obvious, all those kinds of things. I hope that helps.
Sarah Wolfe: We also had a little follow up information. They are implementing Salesforce. There’s no previous system. And so it’s all been carried in people’s heads as institutional knowledge that they’re the only person for.
The first thing that comes to mind for me, is to build in more time than you would expect to be able to get that information out of people’s heads and into the actual system. Try and understand their current process of how they do things and see how you can support some of those processes or how you get them to merge into the Salesforce platform in as seamless a way as possible. Pat’s right; changing habits is hard, and if it’s getting their process into an external system, sometimes it really takes time for them to realize what they’ve been doing internally and put it onto paper and then practice for other people.
Carolyn Woodard: I agree, and I think that’s a big investment. So you’re also going to want to, as much as you can, make sure that your leadership is really modeling and using it and showing rather than telling how important it is to your organization as you move forward. So that is another thing to think about.
We have another question that has come in from the Q&A.
AI, Artificial Intelligence, is also a way of innovating. Do we have ideas and experience with AI programs?
Probably all of us have the little experience of Microsoft Clutter or Vivo telling us, “You’ve been in this meeting for… Do you want to end this meeting now because you need five minutes to get to your next meeting?” So we have a little AI coming into our lives in all kinds of crazy ways.
Pat or Sarah, want to take on more specific AI use in a nonprofit?
Patrick Sprehe: In some ways I’m still waiting for AI to develop more to really see it take its place. Where I’ve seen it introduced is in products that use AI.
Carolyn mentioned Microsoft is integrating it into some of their products to help with productivity. I know one of the email security services that we offer: impersonation protection, which is also known as CEO Fraud protection. That analyzes an email message and says, “Is this the address that this person usually sends from? Are there any red flags?” The AI looks at that and says, “Well, this is asking you to do something immediately, like fill a form because your account’s been compromised and that’s very suspicious, so we’re going to junk that kind of thing.”
That’s some of the ways that I’ve seen it done. And of course, if you go to a website, you see a little pop up, “Do you want to talk to somebody or do you want to talk to this computer generated customer service representative to figure out what product you want?”
So I’ve seen it in those cases. None of those are really nonprofit specific. That’s the best use cases that I’ve seen.
Carolyn Woodard: I think I’ve also seen products aimed at nonprofits in terms of AI that will scan your database for you and tell you when to contact your donors, when they’re more likely to give. That seems a little bit like you were saying Pat too, on the cutting edge, like they’re expensive programs.
It’s like some technology or innovation is trying to offer you a quick fix. If you just implement this program, you’ll know where your major funders are in your database. But if your database isn’t in good shape, if you don’t have good data in your database, having an AI look at it for you is not going to help you with your fundamental process problem at your nonprofit.
Those are all issues that you have to have a healthy skepticism about. Is that investment going to fix a problem or do we have a people problem that we need to fix?
We’re getting close to time. Thank you so much for these great questions, and I love thinking about all of this, so I really appreciate the questions coming in.
I want to make sure to tell everyone that we have another webinar coming up next month. It’s on June 15th at 3:00 p.m. Eastern, and that is going to be talking about Google Workspace.
We have a lot of nonprofits that are using Google Workspace for their entire organization, or integrating Google Workspace with an Office 365 environment.
We have an expert, Steve Longenecker, who is going to talk about all things Google Workspace for nonprofits next month. We hope you’ll come back and join us for that because it is a very quickly growing platform that a lot of nonprofits are using and needing to manage. And there are a bunch of tools out there that we’re going to talk about. So that is coming up next month.
I want to make sure to remind everyone to please take the survey when you end this webinar, and I just want to thank you again, Pat and Sarah, so much for sharing your experience and expertise with us and helping us think about innovations and IT foundations.
So thank you very much everyone, and hope to see you next month.