Nonprofit Radio for November 20, 2015: Get Creative & Safeguard Your Donor Data

Big Nonprofit Ideas for the Other 95%

I love our sponsor!

Do you want to find more prospects & raise more money? Pursuant is a full-service fundraising agency, leveraging data & technology.

Sign-up for show alerts!

Listen Live or Archive:

My Guests:

Lissa Piercy: Get Creative

Lissa Piercy

Thought about poets and other artists as part of your board meetings, trainings and conferences? How about open mics? Lissa Piercy reveals why you need to consider these and how to get them done. She’s executive director at Strength of Doves.

 

 

Scott Koegler: Safeguard Your Donor Data

Scott Koegler has tips on how to preserve and protect your donors’ sensitive information. How much do you need to save? He’s editor of Nonprofit Technology News. (Originally aired on December 6, 2013.)

 

 

 


Top Trends. Sound Advice. Lively Conversation.

You’re on the air and on target as I delve into the big issues facing your nonprofit—and your career.

If you have big dreams but an average budget, tune in to Tony Martignetti Nonprofit Radio.

I interview the best in the business on every topic from board relations, fundraising, social media and compliance, to technology, accounting, volunteer management, finance, marketing and beyond. Always with you in mind.

Sign-up for show alerts!

Sponsored by:


View Full Transcript

Transcript for 267_tony_martignetti_nonprofit_radio_20151120.mp3

Processed on: 2018-11-11T23:25:56.877Z
S3 bucket containing transcription results: transcript.results
Link to bucket: s3.console.aws.amazon.com/s3/buckets/transcript.results
Path to JSON: 2015…11…267_tony_martignetti_nonprofit_radio_20151120.mp3.41143129.json
Path to text: transcripts/2015/11/267_tony_martignetti_nonprofit_radio_20151120.txt

Hello and welcome to tony martignetti non-profit radio big non-profit ideas for the other ninety five percent. I’m your aptly named host. Oh, i’m glad you’re with me. I’d be thrown into tableau paralysis. If it came to mind that you missed today’s show, get creative thought about poets and other artists as part of your board meetings, trainings and conferences. How about open mikes? Lissa piercy reveals why you need to consider these and how to get them done. She’s, executive director. At strength of doves and secure your donordigital scott koegler has tips on how to preserve and protect your donor’s sensitive information. How much do you need to save he’s, editor of non-profit technology news that originally aired on december six twenty thirteen between the guests on tony’s take two five minute planned giving marketing responsive by pursuing full service fund-raising data driven and technology enabled, you’ll raise more money pursuant dot com. Dr a trip or journey in a car also an internal, biologically determined urge to attain or satisfy a need. It is after ten p m on a friday night, and i’m standing alone in a laundry room in boulder, colorado, a student in a social entrepreneurship program my whole life is waiting for me back in boston, i am watching the live stream of a national poetry slam competition. I am watching the first poet i added to our roster win a national poetry slam competition. I am fist pumping the air, i am stumping my foot! I’m screaming to an empty room. I’m remembering yesterday when i questioned why i had taken on the task go starting a business in the first place. I am crying and smiling and balancing computer and cell phone and laundry and coffee and laughing because this is what a start up looks like when i opened my computer one hour before tomorrow on a friday night and cringe at the emails that all seem urgent that all scream no sleep when the coffee wears off and the grant application start to blur when the mission feels miles away from my office when my office is really just a coffee shop or a living room or a kitchen when i stare at spreadsheets that looked like foreign language, like potential failure or future like risk risk, a situation involving exposure to danger. Also, every time i have ever followed my gut, sometimes you’ve just got to throw out the plan and follow your gut, grit, courage and resolve strength of character. Also small, loose particles of stone or sand. And some days i feel like sand small enough to slip through the cracks of this foundation i am building. In those moments, i think of the poet who risks reputation on a national stage to proclaim her love of women. The poet who tells the story of her sexual assault so that a girl in a middle school classroom can finally feel safe confessing the violation of her body. The poet who rejects gender pronouns and reminds me that this world has never been binary. The poet who run straight into vulnerability and somehow comes out stronger for her honesty. These poets so purpose into fists i wanted to raise at a world that took my father away. These poets raised their hands. Up, don’t shoot taught me to proclaim don’t shoot in my name, these poets, the heart of these poets heart, hollow, muscular organ also the center or innermost part of something. And aren’t we all just trying to find the innermost part of something thing? It took poetry and entrepreneurship for me to find the innermost parts of me. Lissa piercy she is co founder and executive director at strength of doves, an agency which is itself a non-profit the represents socially conscious, activist spoken word artists, they connect poets to venues and organizations. They’re at strength of doves dot com and lissa is at lissa poet the sapir c welcome to the show, thank you so much for having me beautiful energy. Tell us what is the story behind that? Well, i was actually commissioned to write that poem by the center for social impact learning, which is part of a graduate program with middlebury it’s, located in monterey, california, and they asked me to write a poem for their launch of this social centre. So i put up a facebook status and asked my entrepreneurial friends to tell me the words they think of when they think of social entrepreneurship and i got a bunch of words and a lot of them are in that poem, so dr grit risk. And so then i put a poem together for the launch of their center, and the name of the poem is is called dr excellent. All right, so we’re talking about maur creativity inside your organization outside the organization, using poets and other artists to sort of open things up. Yeah, and let’s, let’s start with, like, internally intern where where might we bring in? Argast? S o i think that internally creativity and a non-profit you can start with your board meetings or even just kind of your regular staff meetings. So i like to say that you know, a lot of the time we think about innovation when it comes to our programming or our products. We don’t always think about innovation when we’re thinking about how we run a meeting on a monday morning or board meeting so it can start with kind of basic creativity like, for example, there’s, an organization called the millennium campus network. Their board meeting, one of their board members told me recently, was the best board meeting she’d ever been tio, they didn’t use poetry, but what they did was they created a hackathon in their board meeting, so they were really creative about how they put the board meeting together, which i thought was fascinating. So i talked to abigail, who had created that plan, and she said that for them, creativity started with the way they set up the room. So thinking about what’s on the walls of your room in your meeting and what? What are you doing to kind of create a setting that feels different than other board meetings? Do our other monday morning meetings? I think, for example, there’s, a site called button poetry, it’s, a youtube channel and there’s tons and tons of spoken word poems. They’re they’re typically about three minutes long. You could even just play a poem at the beginning of your meeting, and it opens up a part of the brain that gets you thinking in a different way, and i just think so often we look at meetings is something that we dread going to and sitting through. So you start by infusing something different at the top of your meeting, it can really shift and change. The whole energy of the meeting do you think it’s risky toe invite meeting participants, too, do their own performance? No, i think actually you’ll get surprising results if you do that. When i found i run open mic set conferences so, like the opportunity collaboration, i did some stuff with the school world forum, and what i’ve found is when you invite the community to be part of being creative, they bring inside you, that you didn’t know that they had, and often those things can actually be used to infuse organization with new life. So yeah, bring in, bring in creativity from people that already you’re sitting at those meetings with you for sure, and we’ll see another side of people. Yeah, absolutely. It may not be poetry. I don’t know. It might be a song. It might be a guitar that they play someone’s a drummer. Someone has a poem and someone else plays behind them. I mean, the the options are endless when you bring in creativity in new ways. You mentioned opportunity collaboration, which is very collaborative and that’s where we met just like a month or so ago. Six weeks ago. Roughly. Yeah, in mexico? Yeah, and i run there open mike every year. And i talked teo jury in aunt over the team that put it on every year. And they said that one of the reasons why they like having the open mic is that it brings collaboration in a new way on people rave about it because they get to see those different sides of people. Also, something that i’ve often said is, you know, if you meet me and we talked for five minutes, you might find out that i live in boston or that i run strength of doves you’re not going to know intimate details of my life if you see me perform in an open mic, you know how hard it was to start my business, you know, personal details about losses that i’ve been through, and we connect in a deeper way, and then collaboration is richer because we care about each other as people, not just a cz business partners in a collaborative, collaborative setting, listening to drive, we learned some very intimate details about your dad’s death. Okay, very energizing, right? Well, let’s, go out for a break when we come back listen, i’m going to continue, of course, talking about getting creative. We’ll have live listener, love, et cetera. Stay with us. You’re tuned to non-profit radio. Tony martignetti also hosts a podcast for the chronicle of philanthropy fund-raising fundamentals is a quick ten minute burst of fund-raising insights, published once a month. Tony’s guests are expert in crowdfunding, mobile giving event fund-raising direct mail and donor cultivation. Really, all the fund-raising issues that make you wonder, am i doing this right? Is there a better way there is? Find the fund-raising fundamentals archive it. Tony martignetti dot com that’s marketmesuite n e t t i remember there’s, a g before the end, thousands of listeners have subscribed on itunes. You can also learn maura, the chronicle website philanthropy dot com fund-raising fundamentals the better way. Welcome back to big non-profit ideas for the other ninety five percent live listener love got st louis, missouri, brooklyn, new york and new york, new york new york’s checking in excellent lovett i’ve listener love yes, let’s go abroad always have very loyal seoul, south korea of listeners. Remarkable. I don’t know if it’s the same person all the time where people it’s multiple multiple in seoul, anya haserot for mexico city, very close to where lissa and i first met because we were in x top a at the opportunity collaboration we were talking about mexico city. Welcome live listen her love to you. What can i do? Keitel look, it’ll there was my thank you anytime and also in japan, tokyo and osaka checking in konnichi wa live listener loved all of our live listeners, and of course, we never forget affiliate affections for our multiple many am fm stations throughout the country. Affections if you’re listening on the terrestrial stations and, oh that’s, ah, terrestrial affection! I gotta work on that there’s something there and station affection, terrestrial and also podcast pleasantries never forget the podcast listeners over ten thousand i’m painting houses, washing dishes, whatever. It is you’re doing as you listen. Pleasantries to the podcast audience. Okay, listen. Thank you for helping. Yeah, now i have tried it with any time. Spanish mexico city that’s. Why? I like opportunity collaboration because i get to be i get to speak spanish more than i do on my regular day to day life. Do you do to poetry in spanish? I have a couple of lines in spanish in my poems. Everyone smile in my international women’s day poem. I talk about the venezuelan constitution, so i say constitutent dahna venezuela, but i typically i like there’s a line about using spanish because i’m not of dissent. That is latin at all, so i’m careful about how okay? You know what, that’s a much larger conversation about appropriation. And don’t betray yourself appropriately. You would feel yes, exactly. Um all right. So, let’s, keep talking about eso these internal. This idea of board meetings? Yes. Now i have had a lot of guests recommend. In fact, one michael davidson was just last last week recommending having people who are benefiting from your services come and deliver a presentation at every board meeting. So they are sharing. Fashion their tears about how your organization save their lives, improve their life, you know, maybe there’s some creativity there, you could ask someone like that toe do a performance instead of just read some paragraphs. Yeah, so one thing that i think is really important to note is, especially with organizations that are working organisations working with youth tons toe already think about maybe creativity, poetry, open mikes. It doesn’t only need to be youth there’s a lot of opportunity to do some writing workshops in any demographic i really believe, and if you’re producing content like that, you can have someone come in. It also, though, gives the opportunity to let’s say, you’re an organization a non-profit that’s working outside of the united states, but your board is primarily in the united states. If you do a writing project with the people that you’re working with on the ground and you bring back some of those writing samples and they’re available on the table during the board meeting during the coffee break, that’s the kind of thing that people in your board can look at even if you don’t have time to be reading their material or having a guest come into the actual board meeting. Okay? I mean, even in that case, you could have maybe someone who’s trained reading those store absolutely a voice artists or something like that fresh rather than just the one dimensional reading painting with a broad what else? Any other ideas? You know, the internal internal creativity as well? One thing that comes to mind is, you know, every organization faces kind of pain points, things that they’re struggling with. There are a lot of conversations now around diversity. And how do you talk about diversity within organizations? There are other challenges the leadership changes that happen or, you know, anything that happens internally. I really think that that organization should think about looking to more creative ways of having conversations around those tough things. Later on in the show got ilsen nasco mrs who the really amazing poet with the dialogue arts project, is going to be reading a poem on air and their organization will come in and do a full training, and they use spoken word poetry at the top of the training to get everyone’s kind of juices flowing. And then they do trainings around diversity around. Pain points within organization, so for those organizations that are going through maybe a transitionary moment or need some kind of a different training instead of just checking the box with, oh, we talked about diversity think about looking for creative resources that are out there to bring into those training’s you’ll have a better experience and your staff won’t feel like you’re just checking the diversity box, which i think is really important. Am i out of touch if i keep saying poets instead of spoken word artist? No, no, i have i missed twenty fifty by mr change of century, i think. First, i think the biggest distinction that often happens is a slam poet versus a spoken word poet. Slam poetry is a form of spoken word. It’s a competitive style of spoken word at least that’s the way i distinguish. But yeah, spoken reports are definitely poets the way that i think about it and this definition is different depending on who you talk to is spoken word or performance. Poetry is performed from, like the tip of your pinkie toe to the tip of your finger out the top of your head and you can also be a written poet that is publishing books as well. You’re also thinking about how am i presenting this poem beyond the page and that’s? Kind of what a spoken word are a performance poet is doing in my definition of it. Okay, so so if i say a spoken word artist. Yeah. That’s that’s what? I mean, that could be the same as poet or official versus slam performer. Yes, exactly. Slam is competitive. Yeah. How did americans turned poetry into a competition sport? Well, it’s gotten a lot more people paying attention to it. That’s for sure. So hey, that’s, it started. It originated in chicago. A guy named mark smith who is a construction worker, and then here in new york. There’s the moth that’s like storytelling. There’s also the nia recon is another location that does poetry slams you’re american. Say it one more time in new york weekend. Okay, mahogany brown is a poet. She’s actually on our roster. And she’s, an amazing poet who hosts their poetry, slams their team when you compete against their team. You come prepared, let me tell you. Okay. New york has some great poets. Okay, now, what’s. Your background you have. Ah, what is this? Oh, so social around? Yeah. How did you get into poetry? I started doing open mikes in college after i lost my dad and i went through two and a half years where i lost seven people in my life. And this is a lot of grief and poetry was the only thing that could really motivate me to get out of bed and go to things. I was running the open mic group on my college campus and then actually turned down the opportunity to apply for a fulltime social work job to figure out how more of these amazing social change poets could be earning a living from their poetry. And now we have strength of doves where we put poets in performance opportunities and workshop opportunities toe to really bring this to kind of communities that haven’t necessarily thought about spoken word. Poetry is a tool because it really is a tool. And the other thing i’ll say is the reason i think spoken word in particular, i think all forms of art are important and open up our brains in new ways spoken word is extremely accessible, so a really strong spoken word artist, in my opinion, is using poetry and using language in a way that someone who’s maybe never thought that they liked poetry or never thought of themselves as a creative person before can now access a really creative art form and begin to open up the idea from themselves that, hey, maybe i could write, or maybe i can open up this creative things, but what do we say to the people whose eyes glaze over? Oh, poetry it so it’s beyond may i don’t get it? Yeah, you know, it just doesn’t reach me. Listen, tio, watch two videos on button poetry or go search dialogue, arts project poets, strength of doves, poets i really have never seen it happen where someone said, i don’t like poetry on. When it’s exposed teo a couple of videos and said, i still don’t like poetry, it’s just not what you’re thinking of when you think of poetry. If you had a boring english class on poetry, poetry does not need to be born, i promise. Give me a subject that you like, email me a subject you like and i will send back a poem. That you will like about that subject. Okay. Do you want to show your email? Oh, yeah. It’s lyssa at strength of does dot com. Okay, listen, l i s s yes, challenge me. I guarantee i will be able to draw you in with someone else’s problems. Okay, cool. Let’s go outside. Our organizations have a like a mirror. So before we bring in carlos yeah. Conferences, galas, gallant fund-raising events. Why are fund-raising event so boring? I’m sorry if i’m offending anyone out there, but i just think we need to address this. So these gallows where you have a dinner, any of a bunch of speeches and so there’s a moment at a lot of these events where, you know, people are eating dinner and kind of talking to each other, and then you want to get everyone’s attention. So someone clicks on a glass, someone in charge of the organization says, welcome, everyone kind of turns their attention begrudgingly to the stage, and then they’re a bunch of speeches sometimes there’s really fascinating stuff in those speeches, but we’re not really our attention isn’t necessarily drawn immediately to the stage. The person sending welcome welcome zoho please hide me. I want to hear my gladstone brandraise oversignt neo-sage chimes. If you’re in a fancy paint bonem bungalow exactly. So it’s dead? I think everyone should try finding a spoken word poet and putting them on that stage. That’s, the way you get people’s attention don’t even say welcome like we just opened our secondly, just drive a trip or journey in a car really loud, really punchy everyone’s going to turn to you if you want to go a step further, you can hire a poet to write a commission to poem about your organization, and now in three minutes you’ve explained everything you’re doing. You’ve got everyone’s attention and you just invested all this money and all this time and creating this event. Don’t you want to vent the people going to talk about after the fact they’re going to be more likely to talk about it? If it’s different bringing a poet if you don’t for some reason believe, listen with all their energy and zeeland enthusiasm, think about what happened in beginning this segment we threw you in with lissa was completely different different format you said you turned into well. What is? That that’s, the only way latto college, did it with their market radcampaign recently. All right, we got carlos andres gomez, award winning poet member of the dialogue arts project, on twitter, he’s at carlos. A g live. Is there anything you want to introduce before before carlos carlos, let me say, just say, welcome, welcome to the show so much. Tony thinks my brother, carlos i’s, anything you want to say, i just want for everyone out there. That’s not, you know, always listening to spoken word. This is such an amazing opportunity. Godless is kind of a titan in the community and just does really amazing work, using poetry to have really important conversations. Carlos, please. Thank you so much. This poem is called tense. I’m holding my friend gino’s hands and asking the army recruiter for more information about the marines. Please, i say he fits with his cufflinks, pause it, his necklace through his shirt drags the back of his hand across the close shaven sand paper of his chin. Gino is staring him down through the island. Artie wears like a middle finger. We watched a stranger caught between the train movements of a machine and the churn butter in his body. Just like mine. Two months before, when i said, hell no toe a trip to the gay club, i just don’t want to leave and he went on it be like colonizing the space, i said which sounds a lot better than i’m uncomfortable i wouldn’t know how to stand what do i do if a song i like come on in zambia i walked the dirt roads of a slum my pinky finger intimately wraps around the smallest digit of the most infamous guy on the block. He was my friend. It is how friends walked the streets there. When i greet my iranian friend’s father, we embrace chief twice in thailand. My host casually patted my leg the first family dinner, i nearly jumped out the window, thinking he was reaching for something else. Everyone laughed, probably confused as to why this strange foreigner had been trained to be so foreign to the gentle touch of a man, a passer by give me and gino matching name i tongue the word around in my mouth. Feel the tender sting, make a home in my torso, stare at the word brotherhood splayed across the camouflage banner. The recruiter stares down the table, and though it holds the secret code to life’s, great questions, it’s corrected, stutter and suddenly overcompensating stands blend into the decorations behind. So much so that i can barely even tell he is still there. He pretended, if we are not, begin sorting and then re sorting the three lonely pamphlets dwarfed by the large rectangular table where they now six boys. Please. I’m just doing my job. His mouth bag in a voice so small and so human. It makes me feel like i have just blurted out a secret. This man has given his life to guard like freedom. Carlos andres gomez! Carlos, thank you so much. Thanks, carlos. Thank you so much. Let’s. Send tony. I don’t know why i have watery eyes. I just first listen, you know, i would need to think about it more, but but it moved me because i do so that’s. The kind of thing that dialogue arts project works. I would start with wood with poems to kind of open up a new space in everyone’s head and kind of i mean, the energy, even in this room, while we’re listening here in the studio just calms down. And there’s, you can start having conversations about your own experiences that can lead into deeper conversations for more shared understanding within your organization. Carlos, we have just like, a minute and a half or so. Do you want to share anything about that? About the poem? Yeah, sure. I mean, i was, i think, there’s there’s. So much to be there’s. Someone is so easy to have a very, i think superficial, topical conversation. If we if we wantto engage someone about gender or sexuality or any of these huge hot button issues or topics or anything related to identity and i think the biggest thing that dialogue arts project believes is that using personal narrative and using something artistic as a medium for that personal narrative that is the most that is the most, i think dynamic way to enter a conversation, because that that home, the true story, right about me walking down the main walk with the university of pennsylvania and i think me telling that story. It immediately invites other people that share stories in a way that that i think invites people into a vulnerable space, as opposed to having an intellectual discussion that doesn’t have any stakes involved and ultimately is not a meaningful conversation. Carlos on, listen, we have to leave it there. Excellent regardless, thank you so much. Thank you so much for sharing. Thank you, much less a piercy cofounder, executive director at strength of doves, its strength of doves, dot com and again on twitter, she’s at lissa poet thank you, thank you, thanks a lot. Coming up, secure your donordigital first pursuant, they reached out to me today to renew their sponsorship, like two months early, before i had even asked the email says their leadership is pleased with the partnership, and that gives me two thoughts. First, you need to check out their fund-raising tools because they are perfect for small and midsize non-profits pursuant, dot com is where they are. Second, if you want a partnership with non-profit radio let’s talk, i get results for sponsors now. It’s time for tony’s, take two my video this week is five minute marketing for planned e-giving it’s, a tiny piece of a ninety minute program that’s packed with easy and smart marketing strategies around planned e-giving if you want the teaser video it’s at tony martignetti dot com, if you want me to deliver the full program to train your office or conference audience, let’s talk that’s tony’s take two for friday, twentieth of november forty fourth show of the year. Scott koegler is the editor of non-profit technology news and used to be our technology contributor. He was there from the beginning for a long time. They’re at n p tech news dot com and he’s at scott koegler on twitter from the december six twenty thirteen show here is secure your donor. We’re talking about safeguarding your donordigital what are the, uh, what of the potential risks here if donordigital is compromised? Well, there’s a lot of actually tony and what’s, probably the biggest one is that not just the beta is stolen, but the information about your donors is compromised and that’s something that has made a whole lot of headlines recently well, over the last few years, actually, um about, you know, different different companies having having their data breached, having there credit card information, solan and now people losing, losing the privacy of the credit information identity theft by another word. So there are implications that are certainly public relations you don’t want to be, you know, it may not be a headline if you’re a smaller midsize shop, but you can have a public relations problem among your donors and volunteers without it being in the headlines. There’s legal implications and you couldn’t even have, like some financial problems mean, if people if it comes to the point of people suing you, are you having to pay for damages? Definitely, definitely. You know that i moved to south carolina recently, and last year i think it was earlier this year, actually, the the the state government website was breached. And supposedly all of the information that that anyone who has filed tax returns in the state oh, my goodness. Stolen. So, you know, i mean that’s bad enough. I haven’t actually heard of anyone who was, you know, was affected by having their identities stolen. But what happened was that the state, aside from the, you know, the political and and other kinds of just, you know, general discussion about how things were handled badly, they had to offer a free subscription service to an identity theft, monitoring service to literally everyone in the state. Oh, my and a couple people. And so on, top of on top of having to rebuild their infrastructure and, you know, tighten down their security. Um, you know, they have that financial burden, but, you know, just added something. So yeah, financial consequences definitely did this stuff the car during the five days when governor mark sanford was off with his girlfriend in in argentina, is that when that happened, it could have i don’t know, i you know, it could have been an argentinean internet connection. I’m good provoc story on he’s reputation has since been rehabilitated because he was he was elected. Tio what the house of representatives, i think for for south carolina? I think so. Although i have to i have to admit that i haven’t really followed much of the south carolinian political situation, even though i should have. Okay, well, you’re you’re new resident. Well, i am your break now did vote so i guess it’s good. What part of the problem with identity theft, though, is that people the bad people don’t use the data right away because they know that everybody who’s data was compromised is eyes on the lookout, but they’ll wait. I mean, they’ll wait three for five years and use the data then when your date of birth and social security number haven’t changed and maybe even your address hasn’t changed. And and by then people are not on the lookout for the for the theft because it’s been so many years since it occurred. Exactly exactly, and then it’s also hard to track down where that breach came from, because if it wass, for instance, of small provider, small company or a small non-profit they got they got breached? Uh, may not have been reported, right? Not everybody owns up to it, and actually not everybody actually knows that they’ve been breached. Right? Rights, it’s not in the hacker’s. Best interest to notify anyone that had that great yeah, yeah, now it gets it gets discovered by some audit. Or maybe the hackers will sloppy or something like that, but yeah, i’m sure there are lot of instances where organizations don’t even know that it’s happened. All right, all right. So if we’re going to protect our donor data, what do we need to be thinking about first? Well, the first thing is pretty obvious stuff is that, you know, if you don’t need the information, don’t keep it, don’t collect it, don’t get it one of the pieces of information, of course, that that non-profits do want whose credit card information, uh, and some sites you know, amazon in particular, and pretty much any e commerce site collect credit card information and then there’s a convenience to the chopper. The store that information? Yes. And, you know, it’s convenient and in a situation like amazon, people may go back there and by things you know, almost daily, and so in that case, it really is a convenience, so you don’t want to. I don’t want to keep entering my my credit card information every time i buy something for non-profit that that, um the frequency is probably significantly less than what amazon gets, and we would certainly hope it’s more frequent, but reality is they’re probably talking about a few times a year at the most. Yes, so in those cases, um allow the credit card information to the energy you sure that’s over a secure line and that’s here’s a jug and peace for https that’s uh uh that’s the secure website connections that links the website that someone’s feeling to the with a back end server store some reason, scott, i know that http is hypertext transfer protocol, right? And then i believe the asas a few yeses for secure. Okay, sorry, sorry. Nobody cares about nobody cares. Um, so and that part right there just means that someone monitoring are tapping into the line isn’t just catching the data while it’s streaming by them on dh collecting it that way, that’s the first line of security. But the second one news, you know, use the information, make the transaction, get the get the donation into the bank account, and then just don’t record the credit card information. And just by doing that, you’ll probably solve. I’m going to say at least fifty percent of the of the problems that a data breach can cause for constituents for donors. There’s other information that would fall into those to that category, i’m thinking, like date of birth, social security number, even even address? Yeah, address an email. I mean, you don’t want those to be compromised. Yeah, here’s an interesting piece of security information. Did you know if you have a person’s first name date of birth and their zip code, you can find out through there first name, date of birth and zip code that’s enough to identify? Yeah, yeah, that makes sense. We wouldn’t you? Yeah, when you say it, it makes sense, but somebody wouldn’t think that those if you’re not, if you’re not in a security role, you wouldn’t realize that those three things can be really damaging and you could find everything about those. So i mean, date of birth, i mean, probably non-profits don’t have to save date of birth, right? Date of birth, you know, probably they probably do need address information in order to send maybe a ten, ninety nine, you know, donation form at the end of the right, right? But certainly so security number is not necessary. I don’t think that’s required for ten, ninety nine. Well, non-profits aren’t sending ten, ninety nine’s. They’re just sending they’re just sending acknowledgement letters. Okay, so, yeah, ten. Ninety nine’s that’s for contractors. So so it wouldn’t you wouldn’t need it. It wouldn’t need you would not need it for donors. All right, but so there’s there’s information that we should save. But we should look scrupulously at what we are actually preserving is the point. Okay, what you need and don’t even ask for what you don’t need. And those things that you do need no dahna on a short term basis, like credit card information. Just believe it. Okay, okay. There’s still information that you need and there’s information that you want to keep. You want to keep the name, the donation history, maybe their activities. You may want to. Keep their their their address, and they want it. Particularly if you do send out snail mail kinds of information. You know, newsletters do still go by on paper. Uh, okay. And so there is information that you want and here’s, one of the ways that south carolina system was breached tonight, if they could have avoided the entire disaster with the effects of the disaster. Maybe not from a public relations standpoint, but from the effect on its citizens. By encrypting the data with health so well, where he talked about, you know, using a secure internet connection tps. And that applies and encryption to all of the information going across the internet wire. But once it reaches the program that stores the data, um, you know, that data is stored in a database, and the database is usually, um, pretty transparent. In other words, you can open the database. Look at the information and it’s you know, it’s in english. It’s in what’s, commonly called clear text. So it’s, you know, you can look at it with a human being can read it and understand it. Um and i know it’s easy and it’s the way that things are stored most of time. Um, what south carolina did not do. And actually, a couple of others didn’t dio notable ones are adobe and link them okay? Not small names and people that you would think would know better. They did not oppcoll the contents of the database. So what that means is if the data is not encrypted, hacker gets in, they download the database and they can use it’s all visible in clear text. Okay. Okay. All right. So so the data that we do store, we should consider encryption, right? Absolutely. Absolutely. Encryptions pretty easy. Most databases have it as a non option. You could just, you know, take a box and bingo. It’s all encrypted. So we have to also consider where this data is safe, right? It’s? Lots of different places and including portables. Right? Um, sure. Cellphones get lost, laptops gets stolen, all those kind of things happen. Uh, i don’t know that. There’s an additional answer there. I mean, certainly you can password protected cell phones and laptops, but typically people don’t do that. Yeah, well, we’re going to get to policies that that they should be doing so, but they’re also the data is on servers. In your and hopefully your server closet is secure. I’ve seen a lot of servers that including businesses, small businesses where, you know, it’s in a like a ah whole janitorial closet or something up on a shelf. Definitely not secure it all, but data can also be in the cloud exactly that it could be in the cloud. And it’s kind of a counterintuitive. I’ll just give you my personal take on this. I think on. I believe that data is stored in a all right. You know, properly created cloud environment. It was much more secure than something that’s residing in your server. Uh, at your office. Okay, what did i tell you? Why? You know, first of all, servers in officers are managed by by people in those offices, typically and except for, you know, very large, non-profits most of those people are not, um, it’s, not a full time job to manage the security of the server right there doing other things. They have a full time job for a part time job and a piece of a part of a tiny portion of that time you maybe to make a back-up with the server on the other hand, cloud based systems, it is business it’s only business. Not only are the, uh, typically bound by terms and conditions of the contract with that you have with them to protect your data if they’re breached, uh, rage stands to lose their entire business just from the bad p r so it’s in their best interests to keep their, you know, their customers, clients, data secure, you know, they those kinds of environments, too, support the https secure connections they do typically encrypt the data. I’m not saying you don’t need to check those things, but i do believe that it’s, no overall, safer environment, leave it in the hands of the professionals. Okay, we have we have to go away for a couple minutes when we come back. Scott. Now, keep talking about safeguarding your donordigital. We’ll get into some of the policies that you should have. Stay with us. Like what you’re hearing a non-profit radio tony’s got more on youtube, you’ll find clips from stand up comedy tv spots and exclusive interviews catch guests like seth gordon, craig newmark, the founder of craigslist marquis of eco enterprises, charles best from donors choose dot org’s aria finger do something that worked and they only levine from new york universities heimans center on philantech tony tweets to he finds the best content from the most knowledgeable, interesting people in and around non-profits to share on his stream. If you have valuable info, he wants to re tweet you during the show. You can join the conversation on twitter using hashtag non-profit radio twitter is an easy way to reach tony he’s at tony martignetti narasimhan t i g e n e t t i remember there’s a g before the end he hosts a podcast for the chronicle of philanthropy fund-raising fundamentals is a short monthly show devoted to getting over your fund-raising hartals just like non-profit radio, toni talks to leading thinkers, experts and cool people with great ideas. As one fan said, tony picks their brains and i don’t have to leave my office fund-raising fundamentals was recently dubbed the most helpful non-profit podcast you have ever heard, you can also join the conversation on facebook, where you can ask questions before or after the show. The guests are there, too. Get insider show alerts by email, tony tells you who’s on each week and always includes link so that you can contact guests directly. To sign up, visit the facebook page for tony martignetti dot com. I’m dana ostomel, ceo of deposit, a gift. And you’re listening to tony martignetti non-profit radio. Big non-profit ideas for the other ninety five percent. All right, scott, we know what data we’ve got and what we need to save and not save way we know where the data is stored, what kind of policies should we have in place? Yes, well, as you mentioned, it’s it’s a good thing to have a policy that says, you know, you need to secure your devices with a password so that every time you use that needs to be long, then, um, in my experience that that may work in corporate environments where the item shop has the ability to actually manage the devices that were used by their brother employees, but in an environment that says generally as loose as a non-profit becomes pretty difficult to force for one thing, you know, you’re your volunteers may already have bones that are being managed by their brother employers, so we got a conflict in that in that area, i’m still it’s a good thing to do. Um, certainly you want to be sure that the staff isn’t writing things down on pieces of paper, so if they are recording things, they are being recorded in a digital format in a secure form that so that whatever protections are being enforced in the room that digital connection are being used. They may not be one hundred percent, but it’s better than nothing for sure. We should also have policy around who has access to different pieces of data, absolutely. And that has to do with the, uh, the applications that you’re using to store your information some of the more simplistic applications, for instance, locally, you know, homemade databases, spreadsheets, things like that have very limited security options, right? Most of the most of the non-profit applications that are available commercially, i have what they call multi level rules so you can define a roll of manager out of the data entry work no, no hosting, volunteer and different kinds of rules like that in each one of those can have different levels of access to information. So somebody who’s carrying around a tablet that in the event registering people for the event, they only have access to the data entry function for that piece, it certainly would not have access two historical e-giving and other other information has already been recorded when i go teo cem, clients on i’m using their database there’s data that i can’t see? Social security number. For instance, i i can see that it’s preserved, but all i see in that field is a bunch of stars. Date of birth, i think is another one. Or maybe i see the year, but not the day in the month. Something like that. So there there are there are data, ways of preserving and i log on to that database so it knows who i am and what level of access i have. Exactly. When i was, that reminds me of when i was in the air force, i had i had top secret clearance. And then beyond top secret, there was something called psyop. Yes, i which wass was those top secret? T s psyop was the single integrated operating plan. And then, yes, i was for extra sensitive information. So you could have t s and then you could go beyond that, and then beyond that. And then there’s, you know, obviously there people who had hyre levels of security clearance beyond me. But i had top secret c i a p ece. Anyway, uh, so just just exactly as you told me that. Tony, you kill me, right? Right now. There. Are other reasons i need to kill you. Is that another doing? Just revealed. Okay. All right. So the software can help us. All right. So this is part of our policies is who who has access to what? On a need to know basis, right? That’s, basically, what do you need to know? To do your job? Sabat. Exactly. And there’s one two things i’ll bring up here one is that, you know most well, most a lot of instances of breach come from not getting rid of logging access. That is not necessary any longer. So someone leaves the organization. The very first thing that should be done is that loggins should be deactivated. Deleted whatever. Yes, at the very least. Password changed. But there are lots of, uh, lots of instances where that wasn’t done immediately. And the data, you know, goes away and let’s face it. No, it it’s not just a friendly departure. That person is more likely to take action immediately than they are, you know, months down the road. So quick action is is really, uh, you know the right thing to do. Let’s, talk a little about insurance. There’s, there’s, cyber insurance. There is dahna and, you know, i haven’t really looked at the prices for those, but i’m sure that that very is based on the amount of information, the value of your database, all those kind of things, but i would say that most of the large insurance company i’m looking at the hartford and shove, for instance, they offer what’s called a data breach insurance, uh, which is exactly what we’re talking about here. It’s protection against losses, protection against lawsuits from, uh, problems occurring based on the loss liability, all those kind of things i would say it’s definitely something we’re looking into. And of course, you know, hindsight will always tell you that you should have done it. But, you know, pryce will make that determination for you, okay? We’re not holding you to the standards of oven insurance broker, so you don’t need to know the price, but but important for people to know that it exists and and as you suggested, you know, if you have a bad person, maybe they left on bad terms or maybe they’re still working for you, and they just have some bad intentions no policy is going to prevent them from getting what they want if they’re if they’re industrious enough like and an interesting statistic. Seventy five percent of a raw data fresh and i’m talking well, i guess it could be called hacking, but david left, this use of data happens internally of that seventy five percent, fifty percent of it is from physical, just physically copying the data onto a thumb drive. Or, you know, some other ceo or something like that. So it really, you know, most of what’s gonna happen is really gonna happen within the organization. That’s frightening and this heartening unfortunately true. You’re a former ceo, right? Chief information officer, chief technology officer on the corporate side. What? What more do you want to impart? I haven’t asked you about, uh, lock the doors. That’s that’s probably the biggest and most difficult thing that we had to contend with making sure that the facility is secure. Now those when i was doing that, cloud computing was really not a big issue. So locking the doors, you know, for a crowd environment doesn’t really does it really work? That said, we are still there’s still paper records that your store in provoc hammocks and almost any organization and locking doors were locking the file cabinets or some other way, securing access against the paper records. Still it’s still the right thing to do, and we’ll we’ll avoid some of the day the press that we’re talking about. Yes, excellent. We’ve been talking about digitised data, but there’s still lots of paper records and just simple locks on a file cabinet on blocks on doors, andan that server door that you know that those hallway closet servers that i see where it’s the maintenance you know, it’s it’s above the slop sink that’s crazy frank, that is one one other issue that i’ll talk about and that is what’s called social engineering and has nothing to do with data. Uh, it’s it’s really old fashioned and involved. Usually telephone, but it could be personal approaching face-to-face. Okay, you know, we talked about the three pieces of information that will lead to someone really knowing who you are, right? Uh, first name, date of birth and your zip code. You may not say all those things to the same person at the same time, but social engineering involves people making phone calls into an organization. Talking to different people and pulling different pieces of information from those different people and then assembling those outside so they’re pretty easy to, you know, called secretary and they, you know, i’m trying to get the thie owners birthday gift, you know what? They were on dh, you know, by the way, you know, at another person calls in to another person in the organization and says, you know what? Town today with them mean, now there you go, right there, three piece of information, yes. Wow. That’s okay, those air bad there’s a bad actors, but but but if somebody wants it, they can they can put it together over time. And andi, even if even a small organization, even if there aren’t that many people, if they can call they could do it over time, they can have a have ah, accomplice maybe helping. So one time it’s a man a couple weeks later, it’s a woman asked in different things, your office isn’t going to protect against that exactly. Then we’re not as people, we’re not wired to think, you know, in that kind of devious way to protect ourselves. Okay? All right. All the more. Reason for thinking about this thing about cyber insurance, i think, exactly, exactly all right next week, there’s no live show affiliates. I will have a show for you, but i don’t know which one. Yet more important than that. I hope you enjoy your thanksgiving time for family and friends over a long holiday weekend. Enjoy. If you missed any part of today’s show, find it on tony martignetti dot com. Where in the world else would you go responsive by pursuant online tools for small and midsize non-profits whatever type of work you do to improve our world pursuant dot com, our creative producer is claire miree off. Janice taylor is today’s line producer gavin doll is our am and fm outreach director. Welcome gavin doing an outstanding job. The show’s social media is by diner russell, while susan chavez is on maternity leave she’s having a little baby today. Congratulations, susan. Our music is by scott stein with me next week be with me next week for non-profit radio big non-profit ideas for the other ninety five percent go out and be great. What’s not to love about non-profit radio tony gets the best guests check this out from seth godin this’s the first revolution since tv nineteen fifty and henry ford nineteen twenty it’s the revolution of our lifetime here’s a smart, simple idea from craigslist founder craig newmark yeah insights, orn presentation or anything? People don’t really need the fancy stuff they need something which is simple and fast. When’s the best time to post on facebook facebook’s andrew noise nose at traffic is at an all time hyre on nine a m or eight pm so that’s when you should be posting your most meaningful post here’s aria finger ceo of do something dot or ge young people are not going to be involved in social change if it’s boring and they don’t see the impact of what they’re doing. So you got to make it fun and applicable to these young people look so otherwise a fifteen and sixteen year old they have better things to dio they have xbox, they have tv, they have their cell phones. Amador is the founder of idealised took two or three years for foundation staff to sort of dane toe add an email address card. It was like it was phone. This email thing is fired-up that’s why should i give it away? Charles best founded donors choose dot or ge somehow they’ve gotten in touch kind of off line as it were on dno, two exchanges of brownies and visits and physical gift mark echo is the founder and ceo of eco enterprises. You may be wearing his hoodies and shirts. Tony talked to him. Yeah, you know, i just i’m a big believer that’s not what you make in life. It sze, you know, tell you make people feel this is public radio host majora carter. Innovation is in the power of understanding that you don’t just do it. You put money on a situation expected to hell. You put money in a situation and invested and expected to grow and savvy advice for success from eric sacristan. What separates those who achieve from those who do not is in direct proportion to one’s ability to ask others for help. The smartest experts and leading thinkers air on tony martignetti non-profit radio big non-profit ideas for the other ninety five percent.

Leave a Reply

Your email address will not be published. Required fields are marked *