Today Carolyn talks with Johanny Torrico about her recent promotion to an executive position that the Community IT Board created for her: President and Chief Operations Officer.

This conversation provided an opportunity to delve into Johanny’s strategic vision for the company’s future. We explored how the new position was created to recognize her role guiding the company through a period of significant growth and innovation in the past few years, ensuring that we continue to provide the highest level of service and support to the nonprofit community.

We also touched on the challenges and successes of our expansion at Community IT, doubling both staff and clients served in the years following the pandemic. From scaling our services to meet increasing demand to fostering a cohesive culture as our team grows, Johanny shared valuable insights into the dedication and strategic planning that was required to navigate this dynamic landscape.

Our President and COO shared personal reflections on her extensive career in IT and operations, highlighting pivotal moments of challenge and the principles that have led to her success. This led to insights on what it takes to recognize and nurture talent within an organization, offering practical advice for HR professionals, managers, and job seekers alike.

We also explored the unique benefits of being a 100% employee-owned company. This model is a cornerstone of our internal culture, fostering a deep sense of ownership and commitment among our staff. Ultimately, this shared purpose and dedication not only helps us attract and retain top talent but also directly translates into the exceptional service and long-term partnerships we provide to our nonprofit clients.

Johanny has a lot to say on the benefits of a culture that encourages staff to be happy and capable, and the focus at Community IT on customer service – the face to face interactions of people with people.

Speaker:

Johanny Torrico brings over thirty years of experience managing teams and operations to her role as President and Chief Operating Officer at Community IT, where she leads the largest internal team providing services to clients. A calm and organized leader, Johanny is responsible for the service and technical operations for all the teams at Community IT. She also leads staff development and internal business processes, with a focus on staff retention and career mentoring.

As Chief Operating Officer Johanny played a critical role in leading the dramatic expansion of our service operations. She established new teams, expanded company management and led the successful adoption of a wide range of new technologies. Johanny has a special ability to promote standardization of our services in ways that add value for our clients. Johanny brings decades of experience, professional maturity and tremendous skillsets as a business leader.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Nonprofit Cybersecurity expert and Community IT CTO Matt Eshleman offered his take on these trends. Listen for expert advice on avoiding new computer viruses and making sure your organization is protected from Attacker-in-the-Middle attacks on MFA (Multi-Factor Authentication), particularly for important accounts like your Executive Director and CFO.

Fighting Viruses

• Virus attacks have been increasing. These computer viruses are no longer just malware that “infects” your network through an email link or website.
• Bad actors know we are suspicious of links in our email and that these days most malicious emails are stopped from reaching our inboxes. As a work around, they have started sending a document with instructions to open the document with a “secure code” – actually a malicious code. In this way, they trick the victim into running the attack against themselves.
• To resist this attack, always think – if the document you need to open is legitimate, and the person emailing it to you is genuine, they can send you a pdf. You should be very suspicious of any attachment that requires another set of steps to open, particularly executing code on your computer.
• Other ways you may pick up a computer virus: downloading something malicious online. Be careful to double check you are on a legitimate site before downloading anything. Better yet, use the App Store where possible.
• We are also seeing an increase in malicious pop-ups. If a window opens on your computer saying you have a virus, it can be scary. Always contact your own IT provider. Do not follow the directions the pop up is giving you to get “support,” or you will be calling the scammer.

Using Phish-Resistant MFA

• Community IT continues to recommend that all users use a Multi-Factor Authentication method on all accounts.
• Because MFA is so effective, it is not surprising that attackers are trying to work around it. In the past few years Attacker-in-the-Middle attacks have been on the rise. In this attack, the bad guys trick a user into “logging in” in a way that exposes their secure token for the attacker to steal. The attacker can then login as the user from a different device and gain access to anything the user has access to.
• Phish-Resistant MFA, like using a passkey or Microsoft Hello, will only allow the MFA to be authenticated from the device where you are. You can also use a physical key like Ubikey or FIDO, which must be present to allow the login.
• Community IT is recommending at a minimum that all accounts with access to sensitive data such as Executive Director, CFO, maybe Board members, the executive team, should use Phish-Resistant MFA to best protect the organization. Of course, any access to your network is a risk, so where possible, investing in Phish-Resistant MFA for all staff is a good investment.
• Training on Phish-Resistant MFA can lessen the friction or feeling that an extra step is required. Most Phish-Resistant MFA is quick to use and easy to learn. Peace of mind is worth it.

Community IT hopes that building this culture of care at your organization makes it easier for you to update your staff on new threats and scams through your regular training program.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Change Management Lessons with Debbie Cameron

Build Consulting Partner Debbie Cameron and change management expert in a webinar on when you can rescue a nonprofit technology project using change management techniques.

In part 1, Debbie describes the philosophy of change management and how these techniques work in helping the people at your organization understand and adapt to big changes. In part 2, she discusses how to rescue a failed project and some techniques to turn a project around. She also gives a mini-case study and takes audience questions.

It is never too late to go back and re-assess where change management best practices can help.
Learn how to use change management principles to get more out of your nonprofit technology investments and rescue a tech project that hasn’t succeeded – yet.

Do you have a technology tool that is not living up to expectations?

In an ideal world, change management would help inform three main phases of technology project implementation: planning, during, and after go-live. Build Consulting curated a three-part video series with Debbie Cameron, change management expert at Build Consulting, walking through the Build philosophy and providing best practices and examples at each stage of nonprofit tech project management.

But what if you weren’t present for the entire project? What if you are facing a project that isn’t going well – that you inherited – a technology tool that your organization is paying for but everyone hates – a tool your organization is stuck with … is there still a role for good change management? Is it too late to use change management best practices to rescue these projects?

In this new webinar, Debbie shares techniques and tools to help analyze where change management can support implementation after technology change.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Change Management Lessons with Debbie Cameron

Build Consulting Partner Debbie Cameron and change management expert in a webinar on when you can rescue a nonprofit technology project using change management techniques.

In part 1, Debbie describes the philosophy of change management and how these techniques work in helping the people at your organization understand and adapt to big changes. In part 2, she discusses how to rescue a failed project and some techniques to turn a project around. She also gives a mini-case study and takes audience questions.

It is never too late to go back and re-assess where change management best practices can help.
Learn how to use change management principles to get more out of your nonprofit technology investments and rescue a tech project that hasn’t succeeded – yet.

Do you have a technology tool that is not living up to expectations?

In an ideal world, change management would help inform three main phases of technology project implementation: planning, during, and after go-live. Build Consulting curated a three-part video series with Debbie Cameron, change management expert at Build Consulting, walking through the Build philosophy and providing best practices and examples at each stage of nonprofit tech project management.

But what if you weren’t present for the entire project? What if you are facing a project that isn’t going well – that you inherited – a technology tool that your organization is paying for but everyone hates – a tool your organization is stuck with … is there still a role for good change management? Is it too late to use change management best practices to rescue these projects?

In this new webinar, Debbie shares techniques and tools to help analyze where change management can support implementation after technology change.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Do you have important files in your nonprofits’ Google Drive that are associated with their owners’ personal gmail address? Google lets you migrate those files to Shared Drive so your organization never loses access to them.

Google Workspace is fantastically easy for nonprofit start ups to set up and doesn’t take a lot of technical know-how to manage until you grow to a larger staff size.

One of the common issues we run into is ownership of files. In Google world, the creator “owns” the files even when shared or saved on a shared Google Drive, and if that owner leaves the organization – through any number of scenarios – the organization no longer has access to those files.

Depending on how important the files are, that can cause problems! For example, if you are using an outsourced CFO – or if a photographer “shared” files with you – you can lose access.

A while back Google created “Shared Drive” and we recommend moving files from individually shared folders to organizationally owned folders.

In this podcast, Steve shares a Google Drive trick for nonprofits on migrating those files to Shared Drive relatively easily, by making the owner a temporary manager of the new folder.

The takeaways:

• Google regards the “owner” of files as the creator. Various options for sharing files may not grant complete access to those files for as long as they are needed.
• Community IT recommends creating Shared Drive in Google Workspace and migrating individual files and folders there to preserve organization access to them. This changes the “owner” from the individual to the organization.
• If you are running into migration issues with shared files disappearing, it is probably because the file was “owned” by someone outside your organization, or even someone within your organization using an individual gmail account to access Google. It is very easy to mistakenly log in to Google under other accounts to do your work!
• To migrate files in that situation, Google makes it possible to solve the ownership problem without a third-party tool. Staying within the Google universe preserves the file formats and makes migration easier. Links remain valid as will dynamic connections within Google Sheets.
• Community IT recommends creating a Shared Drive and temporarily making those external people managers with their individual gmail account. That gives them the ability to move whole folders of their files into the Shared Drive, where they become “owned” by the organization even after the individual leaves. This also helps clear up files created by external vendors where ownership needs to sit with the organization not with the individual owner, such as photos.
• It sounds complicated, but Steve walks through how to approach “ownership” in the Google Workspace universe and make data management as easy as possible.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Vanguard Communications’ Chief of Innovation Brenda Foster shared tips and practical advice on getting started using generative Artificial Intelligence AI tools at your nonprofit in a way that matches your mission and values.
Learn how to prompt, when and how to use AI tools, and when not to.
Learn how to evaluate the outputs and feel good using AI at your nonprofit.

In part 1, Brenda explains the various types of AI and walks through the ethical considerations and trade offs for the environment, community justice, human creativity, privacy and security, and bias. She presents a five question framework for creating your nonprofit AI policy. In part 2, Brenda explores good prompting and the differences between tools in this moment, and takes audience Q&A.

Are you wondering where to start with AI?

Chances are you and your colleagues are already using it for some things, and wondering how to use it better, or whether you should be using it at all. Your organization may be ambivalent or aghast at AI, have already embraced it, or be unsure where to start. You may have colleagues that are using AI for everything and others who won’t touch it.

Brenda Foster is a PRSA-NCC Hall of Fame inductee who has specialized in nonprofit communication for decades.

In this webinar, she shares tips and best practices on improving your AI prompts for communication success and explores situations where AI can improve the day-to-day job satisfaction for nonprofit staff. You can hear more from Brenda in our podcast discussion of AI tips here.

How can your nonprofit get started ?

In this webinar learn how to prompt, when and how to use AI tools, and when not to. Learn how to evaluate the output and ensure that your team feels confident and comfortable using AI to make their jobs more interesting and to better support your mission.

As with all our webinars, this presentation is appropriate for an audience of varied IT experience.

Community IT is proudly vendor-agnostic, and our webinars cover a range of topics and discussions. Webinars are never a sales pitch, always a way to share our knowledge with our community.

Learn how to create an AI Acceptable Use Policy here. The nonprofit sector is deeply concerned with ethics, accountability, the environment, and systemic change. Learn more about ethical AI frameworks here.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Vanguard Communications’ Chief of Innovation Brenda Foster shared tips and practical advice on getting started using generative Artificial Intelligence AI tools at your nonprofit in a way that matches your mission and values.
Learn how to prompt, when and how to use AI tools, and when not to.
Learn how to evaluate the outputs and feel good using AI at your nonprofit.

In part 1, Brenda explains the various types of AI and walks through the ethical considerations and trade offs for the environment, community justice, human creativity, privacy and security, and bias. She presents a five question framework for creating your nonprofit AI policy. In part 2, Brenda explores good prompting and the differences between tools in this moment, and takes audience Q&A.

Are you wondering where to start with AI?

Chances are you and your colleagues are already using it for some things, and wondering how to use it better, or whether you should be using it at all. Your organization may be ambivalent or aghast at AI, have already embraced it, or be unsure where to start. You may have colleagues that are using AI for everything and others who won’t touch it.

Brenda Foster is a PRSA-NCC Hall of Fame inductee who has specialized in nonprofit communication for decades.

In this webinar, she shares tips and best practices on improving your AI prompts for communication success and explores situations where AI can improve the day-to-day job satisfaction for nonprofit staff. You can hear more from Brenda in our podcast discussion of AI tips here.

How can your nonprofit get started ?

In this webinar learn how to prompt, when and how to use AI tools, and when not to. Learn how to evaluate the output and ensure that your team feels confident and comfortable using AI to make their jobs more interesting and to better support your mission.

As with all our webinars, this presentation is appropriate for an audience of varied IT experience.

Community IT is proudly vendor-agnostic, and our webinars cover a range of topics and discussions. Webinars are never a sales pitch, always a way to share our knowledge with our community.

Learn how to create an AI Acceptable Use Policy here. The nonprofit sector is deeply concerned with ethics, accountability, the environment, and systemic change. Learn more about ethical AI frameworks here.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Does your nonprofit know what to do when a staff person clicks on a suspicious email and instantly regrets it?

David Dawson is a Senior Engineer at Community IT on the escalation team for our help desk. Recently he led the response to a cybersecurity incident at a nonprofit client. In this Community IT podcast, he answers Carolyn’s questions about the flow of the response, best practices, and gives tips on how your nonprofit can be prepared to respond to phishing or hacking attempts.

Knowing who to call and how to respond to a cybersecurity incident at a nonprofit can be the difference that makes a quick and complete recovery.

The takeaways:

• When staff know what to do and who to call it saves valuable time and leads to more confidence in your response. Cybersecurity Awareness Training – particularly anti-phishing training – is a crucial part of your nonprofit cybersecurity defense.
• Having a single point of contact handling the communication at the nonprofit was important both to provide helpful information back to the IT provider quickly and to communicate effectively with 100+ staff that the incident was being resolved and what they needed to do.
• Of course, if your single point of contact is on vacation it can complicate your response. Having an Incident Response Plan with multiple backups will help guide your response.
• If you haven’t reviewed your Incident Response Plan recently, you should! Better yet, gather the stakeholders and hold a tabletop exercise to run through some scenarios and see how your team would handle them. This kind of an exercise doesn’t cost anything to run except your stakeholders’ time, and can help identify single points of failure or areas where the plan is good but your staff need training on what is in it.
• Many nonprofits initially handle their IT management internally. As your nonprofit grows, consider when it becomes appropriate to call on a trusted partner like Community IT to help with cybersecurity, help desk, and strategic planning. Are your cybersecurity investments up to date? What does your cyberliability policy cover? Could you resolve and recover from a cybersecurity attack?

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.