Set four intentions to make 2025 safer, saner, and more fun for your IT staff and your nonprofit.

Now is the month to set intentions for the year ahead. We know nonprofits are facing challenges in a challenging time. Be intentional about setting expectations for yourself and your organization this year and you will take some of the stress off.

Director of Outreach and podcast host Carolyn Woodard walks through four resolutions you can make to make 2025 easier on yourself.

• Put self-care first – set yourself up for mental and physical health so you can do the things your nonprofit needs you to do
• Put organization care second – up your cybersecurity to meet evolving threats
• Clean up! – do a spring cleaning of your files, data inventory, and subscriptions
• Do something fun – take a tutorial, come together as a team

Keeping these 4 New Year’s Resolutions will make your 2025 safer, saner, less stressed, and more fun. We provide lots of the resources you need on our site – you just need to set your intentions and keep these priorities through the year.

Some key resources:

• De-Stress! Self-Care for Nonprofit IT Staff
• Cybersecurity Readiness for Nonprofits Playbook
• SAS145 Auditing Guidelines
• DKIM/DMARC and email deliverability
• Single Sign On (SSO)
• MFA updates
• File Structure and Permissions Best Practices
• Data Governance
• Subscriptions Inventory
• Becoming a Learning Organization
• Using an IT Skills Matrix for team building
• Skills Matrix Best Practices hosted by Build Consulting

Ready to get strategic about your IT?

We think your IT vendor should be able to explain everything without jargon or lingo. If you can’t understand your IT management strategy to your own satisfaction, keep asking your questions until you find an outsourced IT provider who will partner with you for well-managed IT.

If you’re ready to gain peace of mind about your IT support, let’s talk.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

If your organization uses Google Workspace you have access to Google Groups. Kind of like a listserv but so much better.

What are Google Groups?

If your nonprofit uses Google Workspace, you can use Google Groups to manage tasks via an email group, with granular controls and monitoring if you need it. Google Groups can improve security for email addresses like “donate@mynonprofit” or “info@mynonprofit” if that email directs to a group and is not its own account that’s credentials could be hacked.

Director of IT Consulting Steve Longenecker explains the ins and outs of using Google Groups and some issues to consider including Google’s Fedramp certification if you are trying to use Google Groups with federal workers.

Since few MSPs can help nonprofits using Google Workspace, please contact us if you have more questions we can help with. We know that so many nonprofit startups start using Google Workspace because it is easy.

Some Key Takeaways:

• Google Groups works like a listserv, allowing multiple people to view and respond to group emails right from their inbox. No new tools needed like slack or discord. Keeping it simple can help your team or volunteers engage easily.
• Google Groups allows granular permissions and allows a manager to assign certain email threads to specific team members, so you can make sure all donation inquiries get a quick response, for example. Managers can get valuable insight into email thread status and team members can easily collaborate without checking and back-checking to see who is taking which inquiry.
• Google Groups can be useful in keeping volunteer groups organized and engaged. You can assign any email to Google Groups, making a partly external volunteer team more functional and making it easier for busy volunteers to participate, right from their inbox.
• Google Groups has many security features that make it preferable to listservs. And Listerv tools are becoming harder to find and manage. Everyone uses email – if you already use Google Workspace you have a listserv tool already available to you, for free, that has many features and security that listservs just don’t have.
• Google Groups is relatively easy to set up and manage, and Google provides lots of helpful how-to tutorials and advice that are accessible to non-technical managers.
• If you are trying to use Google Groups with federal employees and encountering resistance, be aware that Google has Fedramp certification. This means your federal friends are allowed to use it from a security perspective.

Google Groups is a tool you should consider if you are struggling to manage a team or volunteer group. It is easy to get started and easy to expand as you learn the capabilities.

We know that few MSPs serving nonprofits are experts in Google Workspace. Community IT has developed expertise in Google Workspace support since we serve nonprofits exclusively, and so many nonprofits use this platform.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Welcome 2025! It's going to be a big year for nonprofit IT and as is our tradition, our senior staff weighed in with the biggest stories of 2024, the most overlooked trends, and what they will be keeping an eye on in 2025.

We hear from Senior Engineer David Dawson, Director of IT Consulting Steve Longenecker, IT Business Manager Erik Solce, IT Business Manager Team Lead Norwin Herrera, Chief Technology Officer Matthew Eshleman, Senior Consultant Nuradeen Aboki, CEO Johan Hammerstrom, and Carolyn Woodard, Marketing Director and webinar and podcast host on what we are seeing in our sector.

Please join us January 22 for a Nonprofit IT Round Table webinar with Steve, Matt, and Norwin where we will discuss new trends and risks in more depth and take your questions live. https://communityit.com/webinar-2025-nonprofit-tech-round-table/

Thank you for joining us in 2024 and we look forward to sharing resources and learning together in 2025!

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Is your nonprofit ready to go server-less? What's holding you back from going to the cloud?

Norwin Herrera is an IT Business Manager with Community IT and has decades of experience in IT and as a nonprofit IT consultant. In his work with clients over the years he has learned some of the barriers to moving entirely into the cloud, and gives some advice in overcoming that inertia.

Starting with saving money, using a more secure and more current technology, and then throwing in convenience - moving to the cloud is the right move to make. If your nonprofit is hesitating, learn more about the cost savings, security, and convenience from Norwin.

Norwin's IT Business Manager team and the Projects team at Community IT are well-versed experts in this type of large project. It can seem daunting, but with expertise and experience, Community IT can help you tackle what needs to be done to get off your server before it is obsolete, and move into a cloud-based platform.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Cybersecurity Readiness for Nonprofit Accountants, Hosted by Jitasa University

Join Matt Eshleman, cybersecurity expert and author of the re-released Community IT Cybersecurity Readiness for Nonprofits Playbook, in a short presentation on how to use the playbook to protect your organization if you are a financial manager or accountant.

In this video, you will

• Learn about the free downloadable Playbook on Cybersecurity Readiness for Nonprofits and how financial officers and accountants can utilize this Playbook
• Learn the most common scams and trends in cybersecurity for nonprofits
• Understand the current cybersecurity landscape and the role of AI in new risks
• Learn tips for getting buy-in from stakeholders
• Understand cybersecurity training best practices for nonprofit staff

This video is designed for financial professionals in nonprofits, from CFOs to accountants. This Cybersecurity Playbook covers issues and best practices important to any nonprofit staff and leadership; this video concentrates on the questions and issues relevant to financial staff, and is hosted by Jitasa University. You do not need to be an IT professional to find value in this playbook.

Download the free Cybersecurity Playbook here: https://communityit.com/download-cybersecurity-readiness-for-nonprofits-playbook/

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

New nonprofit auditing requirements SAS145 now include IT and cybersecurity compliance. Are you ready?

In 2022 the AICPA Auditing Standards Board (ASB) issued Statement on Auditing Standards (SAS) No. 145,Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement. The new standard became effective for audits of financial statements for periods ending on or after Dec. 15, 2023. For more on SAS 145 changes, read this article in the Journal of Accountancy.

For the first time, SAS No. 145 now provides explicit definitions for the terms general information technology (IT) controls, IT environment, and information-processing controls. In addition, as IT utilization brings additional risk, the new guidance expressly defines risks arising from the use of IT.

As audits proceed with the new guidelines, we expect a learning period for auditors, IT professionals, and nonprofit leaders. If you have questions about what the new requirements entail, you are not alone. Community IT has begun to field questions from our clients and their auditors about IT systems and cybersecurity controls. We will continue to share our insights and advice with our community as audits evolve to incorporate IT security.

Listen to CEO Johan Hammerstrom explain the changes to the guidelines in SAS145 that you will need to know whether you are in nonprofit IT, financial, or leadership roles, or an auditor looking for insights into the IT management side of the new requirements.

Since the new nonprofit auditing requirements SAS145 impact everyone in nonprofits, please contact us if you have more questions we can help with.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

It won’t be a surprise that AI is on everyone’s mind. Matt also shared some thoughts on some year end cybersecurity tips and maintenance to ensure your cybersecurity practices – and permissions – are up to date.

Nonprofit Cybersecurity expert and Community IT CTO Matt Eshleman offered these year-end cybersecurity tips.

• Do a permissions audit at the enterprise level – what are your defaults for sharing, and how are you training your staff to log in to various tools and subscriptions that can access your data?
• At a personal level, what are the safest ways to log on to your accounts? How should you be storing passwords? How are you setting your personal sharing and log in permissions?
• Reviewing these policies and practices – and actually going in to your systems and checking – is a good end-of-year cybersecurity task.
• Consumer Reports has good tools for people who want to reduce their data footprint.

Matt also reported back from the NGOISAC Conference on the trends that the community is seeing. For more information on the NGOISAC cybersecurity community for NGOs and Nonprofits, use this link.

• AI companies are not spending nearly enough on safety as they rush to market their products. That puts it on consumers and organizations to know how to protect themselves.
• AI is increasing the ability of hackers, and in the arms race with protectors, a corresponding use of AI to block phishing and other hacks is playing catch up.
• Nonprofits are going to need to understand our new environment where not just emails will seem realistic but where voice and video fakes will be put in use. Finding old fashioned ways to verify that the person you are interacting with is a person will become more important as AI powers grow.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

If you find yourself with a little downtime, what should you work on?

The Gala is back! If your nonprofit is focused on an end of the year fundraising event, you may find yourself and your IT team with a little extra time on your hands this December as the rest of your staff are pulled away from their desks and are calling the help desk less frequently. Carolyn Woodard reviewed our recent webinars and podcasts for advice on what projects you might want to start now to be ready to hit the ground running in the new year.

Our list of 6 tips for nonprofit IT in December:

1. Do you have an IT Roadmap? This is one of the most important planning documents you can have as a nonprofit IT professional and leader. We have resources on our site to help you get started.

2. Think about policies and governance. This doesn’t mean you have to write them yourself before January. But if you have an hour free, you can go through our checklists of the most important policies to have, and review your existing documents, and be ready to meet with your leadership team in the new year with advice and priorities ready to go.

3. What is your AI policy? We created a policy template specific to nonprofits that you can download and adapt to your own organization’s values and needs. As AI tools and issues come at our organizations faster and faster, make sure you are setting the policy rather than just accepting whatever happens.

4. Map your data. The more AI tools come into use within our organizations, the more important permissions are going to become as those tools interact with our data. Not just with databases, but also with files, AI is going to find whatever it can find. Think about permissions, and training your staff, and how valuable your data is to you and to hackers.

5. A fifth project we recommend is tracking your inventory, subscriptions and licenses. Once you have an inventory system in place – and maybe have discovered you can do a better job of tracking onboarding and off boarding, or where you can be saving money with an enterprise license rather than individual licenses – it gets easier from there.

6. If you still have any time during your down time – we recommend you block off some time to take some tutorials. Did you know that learning a new skill and improving your confidence in new tools can actually lower your stress levels as an IT professional? If you haven’t been making time for learning, and you have a little down time this December, why don’t you see if you can get in the habit?

During the regular hustle and bustle of your IT job you may not feel you have time to get started on any of these important projects, so make time when you have down time to think about what you are missing and where to start. Setting priorities is important too, and being realistic. Maybe one of these projects is plenty! Don’t think you are going to finish any of these projects this December, or that you have to do them entirely on your own. But putting a little prep work in now can help you get them off the ground in the new year, with specific questions for your colleagues and specific goals and strategies.

And won’t that be a great feeling to greet the new year with!

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.