Bagels & Bytes Meeting Notes – May 2016

Bagels & Bytes attendees sitting around a table talking in the Frick's Community Room

B&B attendees discussing tech in the Frick’s Community Room

This month was our second and final meetup at the Frick Art & Historical Center for this year. The weather remained lovely and the Frick grounds were in their spring glory!

Next month we will have our special summer meetup, Bagels & Bytes & Critters, on June 1 (8:30-10 AM) at the Animal Rescue League.  We will have our usual meeting (probably joined by a puppy or kitten) followed by a tour of the facility.

Here are the notes and resources from the May meetup:

Working with Tech Vendors

Prize winners!

This month’s prize winners!

Dislikes:

  • Constant calls
  • Condescending
  • Not having real operators at the first support level
  • Invites for sales appointments or demos that are automatically added to the calendar
  • Signing us up (without asking) for the email or mailing list after contact

Likes:

  • Adaptability – NPOs are not one size fits all
  • Vendor websites with plenty of information so we can do our research beforehand (make it possible to get info without having to call or email someone).
  • A real understanding of the nonprofit market
  • Doing one’s homework about the organization via the web before getting in touch
  • Tech support that is quick to react and has retained a history of the organization, so can be on the same page regardless of who is handling the call

Email Hacking and Spoofing

  • Strong passwords are crucial
  • Spoofing can look like your email was hacked, but is slightly different (read more…)
  • Have internal controls so fake approval requests (for example, a request for a wire transfer of money) cannot happen easily
  • Have a password policy (see below – we discussed in more detail later in the meeting)

Cyber Security Insurance

  • Generally added as a rider to the regular insurance contract
  • Depending on how it’s written, covers lawsuit costs if hacked, data compromised, etc.
  • Also covers public relations expenses, which are typically the biggest cost of all (public perception trumps who’s actually at fault – this is reputation management)
  • Every state has different regulations on coverage
  • Even if your software and data are in the cloud with a third-party provider, you still might have risk and liability
  • It’s easier than you think for thieves to steal your data – just watch this video from 60 Minutes about phone hacking (Thanks, Johna!)
  • Remember that most photocopiers have a hard drive in them that retain file data from scans, etc. Factory reset doesn’t wipe that data – be sure that the place that recycles your copier properly wipes the drive (you can also do it yourself – either take out the hard drive (if older) or use a USB connection)

Password Policies

  • What is in place and needed depends on the organization
  • You can require and enforce character types, length, frequency of changes, etc.
  • Sometimes 2 step verification is possible
  • Ultimately, you have to train the users – the best password policy in the world can’t prevent someone from writing down the password on a post-it note and putting it under their keyboard (people are always the weakest link in tech security)
  • Also must consider saved browser profiles, which may contain passwords and form data. Chrome in particular is bad for this – cleaning the passwords from the cache doesn’t erase them for other users on the same machine
  • There are a number of good password managers available: myPassword, LastPass

Local Salesforce Vendors

Request for Proposals (RFPs)

  • Love/hate relationship on all levels
  • Sometimes still necessary
  • The response time and type from a vendor can tell you a lot about that vendor
  • Nonprofits can help vendors by being flexible and willing to talk to orgs about solutions – most orgs need someone who will help improve business processes, not just replace the systems they already have in place

EMV Chips on Credit Cards (and Credit Card Processing Machines)

  • Was supposed to have been mandatory by a certain date
  • Liability has shifted since October 2015, so some retailers are refusing to implement. Johna sent this information, which was released in Allegheny Conference’s recent newsletter: “Businesses that accept credit cards for point-of-sale transactions need to know about new rules regarding credit cards. As of late last year, merchants who don’t upgrade their credit card terminals to accept new EMV “chip” cards may be liable for fraudulent transactions.”

Sam’s Club Grants

WordCamp Pittsburgh

  • The local WordPress users group is hosting their first ever WordCamp Pittsburgh –  a one day event for WP users of all levels – on September 17. Visit the event website for details

Recycling

  • Pennsylvania Resources Council (PRC) is hosting a number of recycling events this year, the first was on May 14 at the Pittsburgh Mills Galleria, with more to come over the summer. These events bring together recyclers of all types of materials, including technology and electronics, into one place (only event where you can recycle TVs locally too) (Thanks, Nicole!)
Advertisements

Bagels & Bytes Meeting Notes – March 2016

Note from CL: I owe a huge thank you to the group for stepping up to self-manage the meetup in my absence!  Extra, extra thanks to Rebekah Jenkins and the Grow Pgh staff, not only for hosting us, but for picking up the breakfast food too.  I’m so grateful and touched by the aspect of “community” that we have in our group.  You all rock!

Bagels & Bytes attendees discussing tech around a large conference tableNext month we will be having our meetup at the Frick Art & Historical Center in Point Breeze on Wednesday, 4/6.  I hope to see you there!

Here are the notes and resources from the meeting (thanks Nicole and Heather!):

General Troubleshooting

  • Discussed a BYOD problem Johna is having
  • Discussed a Office 2013 issue with deleting a recurring appt that then dupes itself

Disposing of Old Equipment

  • Computer Reach – recycling for anything but CRT monitors, they re-image them to Linux OS for redistributing to other orgs (small fee applies for wiping drives)
  • DBAN program – for wiping drives
  • YUMI – turn a flash drive into a Boot Device
    • will check all partitions

Bagels & Bytes attendees discussing tech around a large conference tableAnti-virus Recommendations

  • Best to have same AV software on all equipment for ease of maintenance to serve out updates
  • No McAfee
  • Norton (cloud based, good price through Techsoup)
  • Symantec ($4/license, can clas with Spiceworks and other software)
  • Avast (free AV)
  • Avira (free AV)
  • ClamWin (free, open source AV)
  • ESET (good for Windows OS updates and AV)
  • Webroot
  • Malwarebytes

Internet in the Field

  • phone tether vs hotspot vs tablet with data
  • Tether to cell and reimburse?
  • Mobile app – enter the info offline then synchronize?
  • Voice dictation in Google Docs?
  •  Chromebook – can split between Gmail logins but need wifi
  • Add as tether ($10 on Verizon)
  • Firefox, other programs will tether outside the phone

Google Grants

Bagels & Bytes attendees discussing tech around a large conference tableHacking

Policy re: Encryption

  • Should company sponsored cell phones have encryption?
  • Formatting into partitions w/encryption
  • Diskcrypter

Passwords

Document Sharing in Real Time

  • Google Drive vs secure intranet (Drive is real time, local server would have file locking occurring)
  • Egnyte – cloud-based server with apps or in browser
  • 2 people in the local file on a shared drive can corrupt the file

Encrypted Flash Drives

  • Use an app or can buy some with encrypted options
  • Some external drives are encrypted (some numeric and some biometric) of the hardware (not the software)
  • Enclosure also that takes any laptop drive

Outsourcing IT

Moving Email to the Cloud

  • Moving email to Google or Office 365 can cut IT costs $100K to $60K.
  • Include data migration if you go Exchange to cloud
  • Ask if you can migrate email yourself

Bagels & Bytes Meeting Notes – October 2015

Bagels & Bytes attendees sitting around a long conference table, discussing technologyFor October, we were pleased to hold our meetup at ACHIEVA on the South Side.  Thank you to Steve, Nicole and Dave for hosting us!  Our next meeting will be held at the same location on November 4.  In the meantime, we hope to see everyone at the TechNow Conference on Oct. 29!

Here are the notes and resources from the meeting:

Upgrading Windows software

  • 2003 server upgrades possible (general consensus was “yes”)
  • Windows 10 upgrades not very easy (some 3rd party software not doing well on it)

Device management

  • For adding phones in Google Apps, there’s an app (Google Device Policy) that you can add to devices that connects with your Google admin page – providing a way to control device connection to services
  • BYOD policy? Some have, some don’t – varies on the level of access given

Password management system

Office 2016 (and other productivity software)

  • Outlook is less “white” and more “gray”
  • MS is moving this package to just being called “Office” with no version number in the title
  • Pushing Office 365 + Sharepoint server right now
  • A preview video is available
  • Other (free) alternatives include:
  • People tend to resist change and to resort to software with which they are already familiar, so it may take some work to get your org to move away from Office to one of the free equivalents

Risk management

  • Largest risk to data is still employees – accidental or purposeful
  • Frequently the ball is dropped between HR and IT, in the sense that IT isn’t notified immediately if someone leaves the organization

Advice for new “accidental” techies