Small and medium-sized Not-for-Profits (NFPs) organizations are often seen by hackers as easy targets because the NFP commonly invests less in their IT and in employee training. We’ve identified the top three IT challenges that NFPs often face when it comes to IT management.
1 | Budget
The number one technology challenge for not-for-profits is budgeting. Here’s why:
- Unpredictable funding
- IT may not be a financial priority
- Poor documentation of past IT costs
- Lack of long-term IT planning
When developing an IT budget it’s important to include the absolutely necessary IT expenses, like hardware and software upgrades, internal IT salaries and third-party IT providers but there are other costs to consider:
- Business Continuity and Disaster Recovery
- Employee training
- Privacy Impact Assessment
- IT Assessment
- Lost opportunity costs associated with not embracing technology
Poor IT Budgeting = Chaotic IT and Unpredictable Costs
2 | IT Leadership
Small and medium-sized NFPs typically don’t have the financial capacity or technological need to hire a full-time internal IT employee or have a dedicated department. This often results in an employee managing the internal IT employee or the outsourced IT provider, in addition to other roles that they are responsible for. Even more dangerous is relying on volunteers or “techie” friends and family to take care of the IT.
This lack of IT leadership can result in:
- Security risks
- Clouded transparency
- Conservative approach to IT, resulting in lost opportunities
Ask yourself: Is your organization integrating future technologies? Is your organization using technology strategically to drive your mission?
3 | A Break-Fix Approach to IT
IT “fires” often pop up and then they are doused, but there is no long-term planning or strategic leadership to prevent these “fires.” With a proactive approach to IT, these “fires” are prevented from happening in the first place.
Negative outcomes can include:
- Lack of incentive to resolve underlying IT problems
- Minimal or no investment in network management tools
Managed IT services can help NFPs overcome these challenges. Your vCIO will work with you to develop your IT roadmap and provide the leadership your organization needs to thrive.
Three Real NFP IT Disasters
[ Spear Phishing in Italy ]
- Targeted local Victoria, BC NFP
- An email appearing to be from the Executive Director instructed middle management employee who was on vacation to purchase a large quantity of iTunes gift cards for donors.
- Purchase was not fulfilled due to last minute employee due diligence. Request was verified by telephone. Full details here: http://www.smartdolphins.comblog/spearphishing/
[ Small Indiana Nonprofit Falls Victim to Ransom Cyberattack]
- Targeted the Little Red Door – a cancer services nonprofit
- Employee downloaded malware from an email which deleted all data. Hackers requested $43,000 to return data.
- No ransom was paid.
- Management decided to rebuild its data, replaced file-based terminal server with cloud-based system.
- Agency was down for one week.
- Hugh operational impact.
[ Family and Children’s Services not-for-profit suffers Cyberattack then Litigation ]
- Targeted Family and Children’s Services of Lanark, Leeds and Grenville Ontario
- Organization was hit with malware which locked them out of their systems until they paid a $60,000 ransom.
- Organization had a functioning backup in place and their systems were restored in 8 hours.
- It took 3 weeks to eliminate the malware from the office’s computer network.
- 285 victims launched a $75 million lawsuit against the organization claiming negligence and breach of confidence.
- This case is still ongoing.