Nonprofit IT management

From California Technology Feestival Wiki
Jump to: navigation, search
  • We are spitballing today
  • Term "computer responsible person" is helpful; often it's the person who knows how to change toner in the printer
  • How do we make good decisions about IT in NPOs? We are hard pressed for funds, and businesses know that profit is tied to smooth operations. We don't have that in NPOs.
  • We need an impetus that things shouldn't break and when they do break we should fix them. How do we fix the culture so that IT is not about fighting fires.
  • Miraki Access Points are good but expensive. So much is predicated on budget size.
  • There is always some clown who will say "best practices" w/o thinking about the context of size and budget.
  • People come to IT expecting an answer but IT is really about thoughtful questions.
  • Startup mode--whatever tools worked, we go them. Snowballed and we have a lot of tools and devices and no management or documentation.
  • How do I deploy 150 devices and maintain Windows?
    • Take advantage of free stuff like Clonezilla
    • Work around budgeting limitations
    • Suggestion: if you have a license for a Windows server you could get an imaging server
    • Suggestion: MDT, the deployment toolkit, slipstream patches into that. But you need to spin up a server. Then you have to think about how you want to do the server, and what do you want from it?
    • Definition of imaging: snapshot of system and applications that you can deploy to a machine; the images need to live somewhere.
  • Balance of short-term need and longer-term planning (we can plan for 6 months from now but how to meet the need for next week?)
  • We have a really wide range of # of users in the room (9ish to 1000)
  • Diversity of devices means it's hard to deploy things in standardized way
  • User management: how do you manage the users on a device?
    • Windows Active Directory--one of the core features in Windows server
    • If you have more than 5 users, you need some kind of directory service--solves the problem of creating user accounts and creating permissions for them. Says "these are the authorized users for this device."
    • Cool tools: Jumpcloud, 10 free licenses, federates w Office365 and G Suite, kind of like LDAP for the cloud; you can even set up 2FA for Mac machines
    • With Windows Active Directory you can also configure group object policies so that data that users perceive as local is part of what is included in their account
    • Making a true managed environment with Mac is a challenge
    • What are options for Mac deployment in bulk?
  • How much permissions you give to users on the devices they use is deeply a values question.
  • Org values in BYOD
  • Suggestion: make people make a new profile on the machine for org work for BYOD
  • Prey Project--some degree of device management; good open source project. Super good for really small shocks.
  • For larger shops, Sophos is good for endpoint protection. Also bundles data loss prevention. Flags anytime anyone is ending/transmitting something that looks like a credit card number or SSN. You can also turn off USB drives or burnable CD readers.
  • Airwatch
  • G Suite MDM is being improved/built on--full MDM is coming for Windows and Mac OS.
  • Sometimes it's worth paying for G Suite bc there are some small but important things missing from the NPO version
  • Upstart MDM: Comodo One
  • Amazon has Desktop As A Service--good but pricey in the long run
  • Important Q: is it easier to absorb a big one time cost or an ongoing monthly cost?
  • Price--list and then NPO discount