Community IT Innovators Nonprofit Technology Topics podcast

32:27

Are your staff as ready as they can be for the next attack? Our cybersecurity training team manages hundreds of clients and shares our knowledge on what works to keep your staff prepared, not just scared. Matt Eshleman, our CTO and cybersecurity expert answers your questions on how to manage frequent, timely, and engaging training . Part 1 covers the cybersecurity landscape and types of threats facing nonprofits, our framework for how to think about cybersecurity and where staff training fits in your strategy, and the basic philosophy of security awareness training. Pt 2 gets into the details and examples of a typical cybersecurity training program, and Matt answers audience Q&A. Cybersecurity Awareness Training Tips We often say that staff training is a foundation for cybersecurity protections . As the risks are always evolving, your training needs to be current too. Gone are the days when your staff could be adequately protected by watching an hour long video with a quiz once a year. But managing more frequent training is difficult. We will discuss the tool we use, KnowBe4 , which makes it easy to stay up to date and administer training to all staff. There are other training tools out there that work for nonprofit staff – the most important tip is to commit to training and to prioritize it as a team. Your staff and leadership are your best defense of the organization you care about. In addition, with new auditing requirements SAS145 your auditor must assess IT risks to your financial processes – and it will be necessary to demonstrate staff cybersecurity training in your audits. Learn about these issues and more with our experts! If you’ve been putting off implementing a comprehensive cybersecurity awareness training regime, don’t wait any longer. Join CTO Matthew Eshleman and host Carolyn Woodard to learn how to implement an up-to-date and flexible cybersecurity awareness training program this year. As with all our webinars, this presentation is appropriate for an audience of varied IT experience. Community IT is proudly vendor-agnostic and our webinars cover a range of topics and discussions. Webinars are never a sales pitch, always a way to share our knowledge with our community. There are multiple cybersecurity awareness training vendors with products that work for nonprofits. We will be discussing the tool we have selected and use, KnowBe4 , which offers nonprofit discounts, but our insights and tips will be useful no matter what training program you are using, or if you want to create and run cybersecurity awareness training in house. Many questions asked at registration or live at the virtual event will be answered in the transcript. Check back after the webinar for additional resources. _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
Cybersecurity Awareness Training Tips pt 1 with Matt Eshleman 34:23

acum 8 zile34:23

34:23

1
Community IT Help Desk 19:31

acum 15 zile19:31

19:31

A week in the life of the Help Desk Team Ever wonder what it takes to be a help desk analyst, or what our Help Desk Team does in a typical week? We’re inordinately proud of our Help Desk Team, the first and usually only point of contact for most staff for most clients. Listen to this presentation on a typical week and learn about the teamwork, expertise, and continual learning that goes into providing excellent IT support service. “You all do such an amazing job, with such great positive energy, and we always get such great feedback from our clients about the service they receive from the help desk. It’s really, it’s so critical to all of the work that we do. So I just want to thank each one of you for all your hard work and your diligence.” Johan Hammerstrom, CEO _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
Anti-Doxxing and Nonprofit Staff Safety with Shauna Dillavou 40:09

acum 22 zile40:09

40:09

Shauna Dillavou is the co-founder of Brightlin.es, a security firm working with the nonprofit sector to prevent vulnerabilities. She is a seasoned intelligence analyst with decades of experience working for the US government. She formerly was part of a team locating cartel associates by their online traces, and founded Brightlines to reverse-engineer that experience to protect vulnerable staff from online doxxing and threats to their personal safety. Unfortunately in recent years the threats against nonprofit staff have grown, making this service necessary and timely. We know nonprofits are facing challenges in a challenging time. At Community IT, when we think about and enact cybersecurity for our clients in the nonprofit sector, we generally are focused on protecting the organization, its data, its systems, and its finances, from bad actors. Those hackers are overwhelmingly interested in financial benefits: getting you to wire the money to their bank account instead of your real bank account. While some cyber criminals are interested in gaining insights into your advocacy area or your networks, a majority of cyber crimes against nonprofits are purely financial. But what happens when your nonprofit is involved in an advocacy area, a country, or an issue that has suddenly become controversial? Media attention turns to your spokespeople, your staff, your board, and your volunteers – anyone who has been associated with your organization’s issue. Particularly online. It isn’t long before that online attention can become threats against your personnel. “Doxxing” is a term for when an opponent releases personally identifiable information about you – your home address, phone number, your parents, your kids’ personal information. Doxxing is meant to inspire terror and to shut you up. And sometimes the online rancor, coupled with personal information, can lead unhinged individuals to act on these online threats. In this interview, Carolyn talks with Shauna Dillavou, co-founder of Brightlin.es , a security company that works in the nonprofit sector to prevent personal vulnerabilities for staff who may be in the online media spotlight. With decades of experience in the intelligence community, Shauna co-founded Brightlines to provide resources to nonprofits, foundations, and others who face threats and escalation against their staff or spokespeople. In this podcast on anti-doxxing and nonprofit staff safety with Shauna Dillavou, learn the types of personal threats that are becoming more common, and the steps you should take to protect your vulnerable staff. Community IT is proudly vendor-agnostic and our podcasts and webinars cover a range of topics and discussions. Podcasts are never a sales pitch, always a way to share our knowledge with our community. Brightlines is one of many services that exist to improve the security of your staff, executives, and board members. This interview with Shauna Dillavou explores the parameters of the problem and gives general advice on steps to take if you or your staff are threatened online. _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
Ramunda Lark Young, Founder of Mahogany Books 41:39

acum 29 zile41:39

41:39

In this interview from December 2024, Director of Marketing Carolyn Woodard talks with Ramunda Lark Young about her journey from growing up in Tulsa Oklahoma to working in Washington DC to founding an online Black bookstore during the 2007-2008 recession. In addition to a website where you can find curated lists of books to fit any interest, Mahogany Books now has 2.25 in-person stores in DC and hosts author events and a podcast. What did it take for Ramunda to believe in her vision of owning a bookstore where Black Books Matter, and how did she follow that vision to success? What does Ramunda do to stay grounded and mentally healthy, and what lessons has she learned on this journey about the importance of seeing ourselves celebrated in the communities around us? We know nonprofits are facing challenges in a challenging time, and we could all use a little inspiration. Join Carolyn and Ramunda for a few minutes to talk about books, entrepreneurship, and community. --- Ramunda Lark Young is Co-Founder and Co-owner of Mahogany Books online and with 2.25 locations in Washington DC, including National Harbor, National Airport, and a new location in Anacostia. Unapologetically Black-owned, family-run and operated, Mahogany Books is a local independent bookstore that believes in social entrepreneurship. They take a leadership role in the African American community by promoting reading, writing, and cultural awareness as tools to improve self-esteem, self-love and ultimately our communities to enrich the lives of motivated individuals. With over 20 years of combined retail book industry experience, Ramunda has witnessed a variety of market highs and lows which helped develop a bookstore model capitalizing on technology while staying true to the independent community bookstore roots that define the core values of the owners. _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
2025 Nonprofit Tech Round Table pt 2 39:45

acum 5 weeks39:45

39:45

Expert Tips on Current Trends: Webinar 2025 Nonprofit Tech Round Table How is your organization using AI? What policies do you need? What should you be worried about? Download the Community IT Acceptable Use Policy Template for AI Tools in the Nonprofit Workplace . Steve and Matt also share a veritable "grab bag" of new tools, new chips, and other new issues to keep an eye on that will impact the nonprofit sector using IT in 2025. Join CTO Matthew Eshleman and Director of IT Consulting Steve Longenecker , moderated by Carolyn Woodard from Community IT, in a lively and specific discussion of all things nonprofit tech for 2025 and beyond. It’s like listening in on your smart friends talking about stuff you need to know about but don’t know who to ask. Kick off the new year with a new understanding of trends and practices that can help your nonprofit succeed. This is one of our most popular webinars and podcasts year after year for a reason. We don’t believe a lot of lingo or jargon is necessary to understand what you need to know to manage IT. As with all our webinars, this presentation is appropriate for an audience of varied IT experience. Part 1 covers our introductions, a discussion of hybrid work in the nonprofit context, and tips on new cybersecurity from our expert. Part 2 covers AI, a "grab bag" of new tech and new issues, and audience Q&A. Community IT is proudly vendor-agnostic and our webinars cover a range of topics and discussions. Webinars are never a sales pitch, always a way to share our knowledge with our community. Many questions asked at registration or live at the virtual event will be answered in the transcript. _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
2025 Nonprofit Tech Round Table pt 1 30:30

acum 6 weeks30:30

30:30

Expert Tips on Current Trends: Webinar 2025 Nonprofit Tech Round Table Is the Hybrid/Remote Workplace here to stay or on the way out? Download the Nonprofit Guide to Remote Work What is the new cybersecurity reality and what should you be doing now to better face the next threats? Download the updated Cybersecurity Readiness for Nonprofits Playbook Join CTO Matthew Eshleman and Director of IT Consulting Steve Longenecker , moderated by Carolyn Woodard from Community IT, in a lively and specific discussion of all things nonprofit tech for 2025 and beyond. It’s like listening in on your smart friends talking about stuff you need to know about but don’t know who to ask. Kick off the new year with a new understanding of trends and practices that can help your nonprofit succeed. This is one of our most popular webinars and podcasts year after year for a reason. We don’t believe a lot of lingo or jargon is necessary to understand what you need to know to manage IT. As with all our webinars, this presentation is appropriate for an audience of varied IT experience. Part 1 covers our introductions, a discussion of hybrid work in the nonprofit context, and tips on new cybersecurity from our expert. Part 2 covers AI, a "grab bag" of new tech and new issues, and audience Q&A. Community IT is proudly vendor-agnostic and our webinars cover a range of topics and discussions. Webinars are never a sales pitch, always a way to share our knowledge with our community. Many questions asked at registration or live at the virtual event will be answered in the transcript. _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
4 New Year's Resolutions with Carolyn Woodard 26:28

acum 7 weeks26:28

26:28

Set four intentions to make 2025 safer, saner, and more fun for your IT staff and your nonprofit. Now is the month to set intentions for the year ahead. We know nonprofits are facing challenges in a challenging time. Be intentional about setting expectations for yourself and your organization this year and you will take some of the stress off. Director of Outreach and podcast host Carolyn Woodard walks through four resolutions you can make to make 2025 easier on yourself. Put self-care first – set yourself up for mental and physical health so you can do the things your nonprofit needs you to do Put organization care second – up your cybersecurity to meet evolving threats Clean up! – do a spring cleaning of your files, data inventory, and subscriptions Do something fun – take a tutorial, come together as a team Keeping these 4 New Year’s Resolutions will make your 2025 safer, saner, less stressed, and more fun. We provide lots of the resources you need on our site – you just need to set your intentions and keep these priorities through the year. Some key resources: De-Stress! Self-Care for Nonprofit IT Staff Cybersecurity Readiness for Nonprofits Playbook SAS145 Auditing Guidelines DKIM/DMARC and email deliverability Single Sign On (SSO) MFA updates File Structure and Permissions Best Practices Data Governance Subscriptions Inventory Becoming a Learning Organization Using an IT Skills Matrix for team building Skills Matrix Best Practices hosted by Build Consulting Ready to get strategic about your IT? We think your IT vendor should be able to explain everything without jargon or lingo. If you can’t understand your IT management strategy to your own satisfaction, keep asking your questions until you find an outsourced IT provider who will partner with you for well-managed IT. If you’re ready to gain peace of mind about your IT support, let’s talk . _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
Using Google Groups with Steve Longenecker 38:14

acum 8 weeks38:14

38:14

If your organization uses Google Workspace you have access to Google Groups. Kind of like a listserv but so much better. What are Google Groups? If your nonprofit uses Google Workspace , you can use Google Groups to manage tasks via an email group, with granular controls and monitoring if you need it. Google Groups can improve security for email addresses like “donate@mynonprofit” or “info@mynonprofit” if that email directs to a group and is not its own account that’s credentials could be hacked. Director of IT Consulting Steve Longenecker explains the ins and outs of using Google Groups and some issues to consider including Google’s Fedramp certification if you are trying to use Google Groups with federal workers. Since few MSPs can help nonprofits using Google Workspace, please contact us if you have more questions we can help with. We know that so many nonprofit startups start using Google Workspace because it is easy. Some Key Takeaways: Google Groups works like a listserv, allowing multiple people to view and respond to group emails right from their inbox. No new tools needed like slack or discord. Keeping it simple can help your team or volunteers engage easily. Google Groups allows granular permissions and allows a manager to assign certain email threads to specific team members, so you can make sure all donation inquiries get a quick response, for example. Managers can get valuable insight into email thread status and team members can easily collaborate without checking and back-checking to see who is taking which inquiry. Google Groups can be useful in keeping volunteer groups organized and engaged. You can assign any email to Google Groups, making a partly external volunteer team more functional and making it easier for busy volunteers to participate, right from their inbox. Google Groups has many security features that make it preferable to listservs. And Listerv tools are becoming harder to find and manage. Everyone uses email – if you already use Google Workspace you have a listserv tool already available to you, for free, that has many features and security that listservs just don’t have. Google Groups is relatively easy to set up and manage, and Google provides lots of helpful how-to tutorials and advice that are accessible to non-technical managers. If you are trying to use Google Groups with federal employees and encountering resistance, be aware that Google has Fedramp certification . This means your federal friends are allowed to use it from a security perspective. Google Groups is a tool you should consider if you are struggling to manage a team or volunteer group. It is easy to get started and easy to expand as you learn the capabilities. We know that few MSPs serving nonprofits are experts in Google Workspace. Community IT has developed expertise in Google Workspace support since we serve nonprofits exclusively, and so many nonprofits use this platform. _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
Top Nonprofit IT Stories of 2024 with Senior Staff at Community IT 21:08

acum 9 weeks21:08

21:08

Welcome 2025! It's going to be a big year for nonprofit IT and as is our tradition, our senior staff weighed in with the biggest stories of 2024, the most overlooked trends, and what they will be keeping an eye on in 2025. We hear from Senior Engineer David Dawson, Director of IT Consulting Steve Longenecker, IT Business Manager Erik Solce, IT Business Manager Team Lead Norwin Herrera, Chief Technology Officer Matthew Eshleman, Senior Consultant Nuradeen Aboki, CEO Johan Hammerstrom, and Carolyn Woodard, Marketing Director and webinar and podcast host on what we are seeing in our sector. Please join us January 22 for a Nonprofit IT Round Table webinar with Steve, Matt, and Norwin where we will discuss new trends and risks in more depth and take your questions live. https://communityit.com/webinar-2025-nonprofit-tech-round-table/ Thank you for joining us in 2024 and we look forward to sharing resources and learning together in 2025! _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
Going Server-less with Norwin Herrera 28:34

acum 10 weeks28:34

28:34

Is your nonprofit ready to go server-less? What's holding you back from going to the cloud? Norwin Herrera is an IT Business Manager with Community IT and has decades of experience in IT and as a nonprofit IT consultant. In his work with clients over the years he has learned some of the barriers to moving entirely into the cloud, and gives some advice in overcoming that inertia. Starting with saving money, using a more secure and more current technology, and then throwing in convenience - moving to the cloud is the right move to make. If your nonprofit is hesitating, learn more about the cost savings, security, and convenience from Norwin. Norwin's IT Business Manager team and the Projects team at Community IT are well-versed experts in this type of large project. It can seem daunting, but with expertise and experience, Community IT can help you tackle what needs to be done to get off your server before it is obsolete, and move into a cloud-based platform. _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
Cybersecurity Readiness for Accountants with Matt Eshleman 32:20

acum 11 weeks32:20

32:20

Cybersecurity Readiness for Nonprofit Accountants, Hosted by Jitasa University Join Matt Eshleman, cybersecurity expert and author of the re-released Community IT Cybersecurity Readiness for Nonprofits Playbook, in a short presentation on how to use the playbook to protect your organization if you are a financial manager or accountant. In this video, you will Learn about the free downloadable Playbook on Cybersecurity Readiness for Nonprofits and how financial officers and accountants can utilize this Playbook Learn the most common scams and trends in cybersecurity for nonprofits Understand the current cybersecurity landscape and the role of AI in new risks Learn tips for getting buy-in from stakeholders Understand cybersecurity training best practices for nonprofit staff This video is designed for financial professionals in nonprofits, from CFOs to accountants. This Cybersecurity Playbook covers issues and best practices important to any nonprofit staff and leadership; this video concentrates on the questions and issues relevant to financial staff, and is hosted by Jitasa University. You do not need to be an IT professional to find value in this playbook. Download the free Cybersecurity Playbook here: https://communityit.com/download-cybersecurity-readiness-for-nonprofits-playbook/ _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
New Nonprofit Auditing Requirements SAS145 with Johan Hammerstrom 21:28

acum 12 weeks21:28

21:28

New nonprofit auditing requirements SAS145 now include IT and cybersecurity compliance. Are you ready? In 2022 the AICPA Auditing Standards Board (ASB) issued Statement on Auditing Standards (SAS) No. 145, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement . The new standard became effective for audits of financial statements for periods ending on or after Dec. 15, 2023. For more on SAS 145 changes, read this article in the Journal of Accountancy . For the first time, SAS No. 145 now provides explicit definitions for the terms general information technology (IT) controls, IT environment, and information-processing controls. In addition, as IT utilization brings additional risk, the new guidance expressly defines risks arising from the use of IT. As audits proceed with the new guidelines, we expect a learning period for auditors, IT professionals, and nonprofit leaders. If you have questions about what the new requirements entail, you are not alone. Community IT has begun to field questions from our clients and their auditors about IT systems and cybersecurity controls. We will continue to share our insights and advice with our community as audits evolve to incorporate IT security. We're happy to see IT security requirements finally addressed in financial audits and look forward to helping nonprofit leaders and auditors better understand the interplay of well-managed IT with better financial security and protection from bad actors. Listen to CEO Johan Hammerstrom explain the changes to the guidelines in SAS145 that you will need to know whether you are in nonprofit IT, financial, or leadership roles, or an auditor looking for insights into the IT management side of the new requirements. Since the new nonprofit auditing requirements SAS145 impact everyone in nonprofits, please contact us if you have more questions we can help with. _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
Year-End Cybersecurity Tips with Matt Eshleman 25:45

acum 13 weeks25:45

25:45

It won’t be a surprise that AI is on everyone’s mind. Matt also shared some thoughts on some year end cybersecurity tips and maintenance to ensure your cybersecurity practices – and permissions – are up to date. Nonprofit Cybersecurity expert and Community IT CTO Matt Eshleman offered these year-end cybersecurity tips. Do a permissions audit at the enterprise level – what are your defaults for sharing, and how are you training your staff to log in to various tools and subscriptions that can access your data? At a personal level, what are the safest ways to log on to your accounts? How should you be storing passwords? How are you setting your personal sharing and log in permissions? Reviewing these policies and practices – and actually going in to your systems and checking – is a good end-of-year cybersecurity task. Consumer Reports has good tools for people who want to reduce their data footprint. Matt also reported back from the NGOISAC Conference on the trends that the community is seeing. For more information on the NGOISAC cybersecurity community for NGOs and Nonprofits, use this link. AI companies are not spending nearly enough on safety as they rush to market their products. That puts it on consumers and organizations to know how to protect themselves. AI is increasing the ability of hackers, and in the arms race with protectors, a corresponding use of AI to block phishing and other hacks is playing catch up. Nonprofits are going to need to understand our new environment where not just emails will seem realistic but where voice and video fakes will be put in use. Finding old fashioned ways to verify that the person you are interacting with is a person will become more important as AI powers grow. _______________________________ Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.…

1
6 Tips for Nonprofit IT in December with Carolyn Woodard 15:03

acum 14 weeks15:03