What Do Nonprofits Need to Know About Penetration Testing? Nonprofit Cybersecurity expert and Community IT CTO Matt Eshleman explains what penetration testing is, why some nonprofits may need it, and why other nonprofits may not, or may not need it until after a basic assessment and vulnerability scanning. Do you have someone urging you to get expensive pen testing, and you aren’t sure if you really need it, or if it is just checking a box on an insurance form? This podcast should give ...

October is ESOP Employee Owner Month An Employee Stock Ownership Plan, or ESOP, is a legal structure used in the U.S. to create an employee-owned company. Essentially, an ESOP is a type of retirement plan that invests primarily in company stock, holding the assets in a trust for the staff. Community IT is 100% employee-owned. This structure means our staff participates in the company’s success. Not all ESOPs are 100% employee-owned. Our CEO Johan Hammerstrom walks through the decisions ...

A Panel Discussion with Matthew Eshleman and Ian Gottesman. In part 1, Ian and Matthew discuss an approach to cybersecurity for nonprofits, taking the first steps, and 3 steps you can take to prevent at least 80% of attacks. In pt 2, they talk about making cybersecurity training more engaging, and lessons learned this year. They finish by taking audience questions. Our nonprofit cybersecurity experts discuss the current state of risks, and the best counter-measures nonprofits should have in t...

A Panel Discussion with Matthew Eshleman and Ian Gottesman. In part 1, Ian and Matthew discuss an approach to cybersecurity for nonprofits, taking the first steps, and 3 steps you can take to prevent at least 80% of attacks. In pt 2, they talk about making cybersecurity training more engaging, and lessons learned this year. They finish by taking audience questions. Our nonprofit cybersecurity experts discuss the current state of risks, and the best counter-measures nonprofits should have in t...

Today Carolyn talks with Johanny Torrico about her recent promotion to an executive position that the Community IT Board created for her: President and Chief Operations Officer. This conversation provided an opportunity to delve into Johanny’s strategic vision for the company’s future. We explored how the new position was created to recognize her role guiding the company through a period of significant growth and innovation in the past few years, ensuring that we continue to provide the highe...

Nonprofit Cybersecurity expert and Community IT CTO Matt Eshleman offered his take on these trends. Listen for expert advice on avoiding new computer viruses and making sure your organization is protected from Attacker-in-the-Middle attacks on MFA (Multi-Factor Authentication), particularly for important accounts like your Executive Director and CFO. Fighting Viruses Virus attacks have been increasing. These computer viruses are no longer just malware that “infects” your network through an em...

Change Management Lessons with Debbie Cameron Build Consulting Partner Debbie Cameron and change management expert in a webinar on when you can rescue a nonprofit technology project using change management techniques. In part 1, Debbie describes the philosophy of change management and how these techniques work in helping the people at your organization understand and adapt to big changes. In part 2, she discusses how to rescue a failed project and some techniques to turn a project aroun...

Change Management Lessons with Debbie Cameron Build Consulting Partner Debbie Cameron and change management expert in a webinar on when you can rescue a nonprofit technology project using change management techniques. In part 1, Debbie describes the philosophy of change management and how these techniques work in helping the people at your organization understand and adapt to big changes. In part 2, she discusses how to rescue a failed project and some techniques to turn a project aroun...

Do you have important files in your nonprofits’ Google Drive that are associated with their owners’ personal gmail address? Google lets you migrate those files to Shared Drive so your organization never loses access to them. Google Workspace is fantastically easy for nonprofit start ups to set up and doesn’t take a lot of technical know-how to manage until you grow to a larger staff size. One of the common issues we run into is ownership of files. In Google world, the creator “own...

Vanguard Communications’ Chief of Innovation Brenda Foster shared tips and practical advice on getting started using generative Artificial Intelligence AI tools at your nonprofit in a way that matches your mission and values. Learn how to prompt, when and how to use AI tools, and when not to. Learn how to evaluate the outputs and feel good using AI at your nonprofit. In part 1, Brenda explains the various types of AI and walks through the ethical considerations and trade offs for the environ...

Vanguard Communications’ Chief of Innovation Brenda Foster shared tips and practical advice on getting started using generative Artificial Intelligence AI tools at your nonprofit in a way that matches your mission and values. Learn how to prompt, when and how to use AI tools, and when not to. Learn how to evaluate the outputs and feel good using AI at your nonprofit. In part 1, Brenda explains the various types of AI and walks through the ethical considerations and trade offs for the environ...

Does your nonprofit know what to do when a staff person clicks on a suspicious email and instantly regrets it? David Dawson is a Senior Engineer at Community IT on the escalation team for our help desk. Recently he led the response to a cybersecurity incident at a nonprofit client. In this Community IT podcast, he answers Carolyn’s questions about the flow of the response, best practices, and gives tips on how your nonprofit can be prepared to respond to phishing or hacking attempts.&nb...

Peter Campbell is the principal consultant at Techcafeteria, a micro-consulting firm dedicated to helping nonprofits make more affordable and effective use of technology to support their missions. He recently published a free download powerpoint on Managing AI Risk and had time to talk with Carolyn about his thoughts on developing AI policies with an eye to risk, where the greatest risks lie for nonprofits using AI, and how often to review your policies as the technology changes rapidly. The...

On September 30th Microsoft will only support a new unified multi-factor authentication control configuration. What does this mean for your nonprofit? In March 2023 Microsoft announced that after September 30th, 2025, they would no longer automatically support “legacy” multi-factor authentication controls in the Microsoft 365 Entra ID and General Admin administration portals. The methods your staff are using now will not automatically roll over to be allowed via the new admin dashboard after ...

Learn how to run this valuable training tool from Community IT Chief Technology Officer and resident cybersecurity guru Matthew Eshleman, who explains how to carry out a cybersecurity tabletop exercise for your nonprofit and why this type of active testing is so valuable to your security planning. In pt 1, Matt and Carolyn go over what a tabletop exercise is and how they fit into your cybersecurity planning for your nonprofit. In pt 2, Matt describes 3 scenarios specific to nonprofits t...

Learn how to run this valuable training tool from Community IT Chief Technology Officer and resident cybersecurity guru Matthew Eshleman, who explains how to carry out a cybersecurity tabletop exercise for your nonprofit and why this type of active testing is so valuable to your security planning. In pt 1, Matt and Carolyn go over what a tabletop exercise is and how they fit into your cybersecurity planning for your nonprofit. In pt 2, Matt describes 3 scenarios specific to nonprofits t...

Most nonprofits will be asked about vulnerability scanning when they renew cybersecurity liability insurance or complete an annual audit. Do you know what it means and what you should do to comply? The takeaways: There is no one-size-fits-all vulnerability scanning app for your entire organization. You will need to do vulnerability scanning on various systems and the scanning will be different. As part of your incident response planning you should have an inventory of your ge...

Many nonprofit staff are facing increased stress and multiplying concerns about privacy, security, and vulnerabilities. What should you be tackling first in this new political environment? The takeaways: Most attacks are still financially based: criminals want you to wire money to the wrong account. The good news is that cybersecurity basics that protect you from fraud also protect your organization from politically motivated attacks.Taking action – even modest first steps or read...

NOTE: The Microsoft policy on the end of their donation program for the free and discounted Microsoft Office 365 Business Premium and E1 licenses for qualified nonprofits is shifting frequently, and we are working to keep you updated. Please check for the most recent blog or podcast from us to ensure you have the most recent update. This podcast provides updates to our episode from June 13th about the changes to Microsoft's donation program for nonprofit licenses. The active date of July 1st ...

Board.dev Co-Founder and CEO Alethea Hannemann on how to recruit tech leadership to join your nonprofit board, and why you should have tech leaders an/or a tech committee on your board helping your organization to grow and thrive. In part 1, Alethea presents research on the benefits of board members with tech experience and gives two case studies. In part 2, she delves into how to recruit a tech-savvy board member and takes audience questions. Do you have tech expertise on your nonprofit boa...