Article Type: Connect

Tomorrow the Supreme Court will hear arguments that call into question the strength and breadth of Title VII of the Civil Rights Act of 1964. The question before the court is simple. Is it legal to fire an employee because they are gay or transgender?

Twenty-one states, as well as Guam, Puerto Rico, and Washington D.C.,  have laws that further specify the protections related to Title VII by articulating a definition that includes sexual orientation and/or gender identity. That’s good, but that’s less than half of the 50 states. This means roughly 44% of the LGBTQIA population in the U.S. relies on the federal Title VII definition for employment protections. Without the Supreme Court deciding otherwise, Title VII can include these broader and realistic definitions.

NTEN’s office is in Portland, Oregon, a state with explicit workplace protections. That’s important to me personally as a queer CEO. It means NTEN’s board can’t fire me for joining an LGBTQIA kickball league. That sounds like a ridiculous reason to fire someone, yet one of the plaintiffs in a case before the court claims joining a gay softball league was the reason he was fired for “conduct unbecoming of a county employee” instead of the reasons he was given.

NTEN has several employees who work from their homes in other parts of the country. Not all of those staff live in states with the same protections as Oregon. We have employee handbook policies and an organizational culture that reassures staff that discrimination will not be tolerated. Unfortunately, the government where they live can’t say the same thing. (You can easily research your state’s protections from Movement Advancement Project.)

For a sector focused on providing services to diverse communities, advancing policies that enfranchise and invest in our communities, and creating a better world, there is no option but to demand these protections. Title VII impacts everyone in the sector, even if you do not identify as LGBTQIA. We can’t meet missions, design effective programs, serve community members and create that better world if we don’t have inclusive and diverse teams. And we can’t have those teams without policies that ensure everyone at your organization has equal protections under the law.

This year alone, we’ve seen the dismantling of protections for trans folks and hate crimes against LGBTQIA people. When we acknowledge race in this conversation, we see the impact on LGBTQIA folks of color is disproportionately higher. It is not surprising to see these cases being heard now, but it is disheartening. Being vocal is needed, and it matters. Here’s how you can help:

Check-in on yourself and your staff. Don’t assume that you know the sexual, gender, or trans identity of your employees unless they’ve told you. The way these hearings, and the news coverage of them, could be impacting your staff is as diverse as they are. Having space to talk about it, or not be in the office even, may be necessary.

Start conversations in your organization, your family, and your community about the need for these protections. If you identify as cisgender and straight, then your voice especially matters. Those most affected by these laws should not be the only ones speaking up about them.

Learn more. 

The secret to a CRM (constituent relationship management) implementation for nonprofits is that it’s not just about technology. It’s about the people.

What people? Your people. Your team. Whom do you work with? What do they need? What processes do they currently follow?

CRM software is a multifaceted tool, so it helps to do a bit of planning before you implement. Some tips based on our experience in nonprofit technology are:

Understand What Your Nonprofit Needs, Before Talking Technology
While a nonprofit CRM can solve many pain points, the most successful technology implementations do actually start with technology. Take time to talk to people. Explore WHY they follow the processes they do. Chances are if they’re still following the same processes from 10 years ago “just because,” it may be useful to reprogram your processes on a whiteboard before you program them into a new system. We believe that even if you’re in IT, it helps to have some experience in change management.

Here are some related book recommendations for people skills to build influence and maybe even help you get people to LIKE change:

Who Should Be Involved? Create a Responsibility Matrix
Use a Responsibility Assignment Matrix, also known as a RACI Chart (for who is Responsible, Accountable, Consulted, and Informed). Before you provision user licenses, you need to know who needs what level of access. Their role in your organization determines that and what they need to do their job. For more technical details on “who sees what,” here’s a handy whiteboard video from Shell Black.

Check Your Nonprofit Technology Infrastructure
What would you do if an earthquake or hurricane hit your nonprofit? Your nonprofit’s infrastructure needs to be sturdy enough to accommodate backups and have a clear disaster recovery process. Your local fire department may have classes on emergency response (see San Francisco’s for an example of volunteer training), so think about what your disaster checklist should be. San Francisco Community Agencies Responding to Disaster (SF CARD) has a good template designed specifically for nonprofits, or you could use disaster prep resources from FEMA.

Use the Cloud!
If you’re still handling donor data on-premise, that means you’re vulnerable to your server going down, handling computer updates yourself, not being able to access data outside the office, and other things that range from inconvenient to dangerous. Using a cloud resource for the location of your donor database for CRM is a way to get updates installed automatically.

Use a Secure CRM and Password Protected Login
OK, we know we’ve been talking about people skills and project management, so let’s get into a few technical tips now. Make sure your nonprofit staff doesn’t write passwords on a post-it on their desks. Use strong passwords with uppercase and lowercase letters, special characters like !@#$%^&*()_ and numbers. Use a password management tool to store your password info with encryption. Don’t share passwords with colleagues. This helps enforce security on who can see what: for example, do programs staff need to see donor credit card information? Probably not. Maintain access to your nonprofit CRM through a secure, password-protected login process to defend against donors’ personally identifiable information being hacked.

Have a Nonprofit CRM Planning, Implementation, and Training/Maintenance Phase
You’re not done when everyone has a login. Make sure you include time for staff training! (Again, effective nonprofit CRM implementation isn’t just about IT; people skills are also essential). Expect there will be a phase-in implementation when resources need to be devoted to either onsite training or outside consultants to train staff on how to use and extend the functionality of the CRM. Look for a nonprofit CRM that has a robust online community for Q&A and many partners to help with implementation if you need it.

This list could be longer because there are lots of details to consider, the most significant being to know when to be “peppy & cheap” and when there is no substitute for secure design protocols. Using old software and hardware can mean anticipating odd compromises to accommodate best practices and security. But that’s what makes life interesting!

Salesforce.org resources for further reading:

Meetings can not only be a waste of time if they are not well designed but can also zap our energy. Even worse, the meeting can be so boring that participants tune out or cancel. One way to shake things is up to host a “Strolling” Meeting. A strolling meeting is a meeting where everyone is moving – either rolling or walking – and does not have to take place inside a conference room.

It is called “Strolling” (not walking) to be inclusive. People who use wheelchairs, roll instead of walk. The “S” stands for slowest person sets the pace to make the meeting inclusive for anyone with a mobility challenge. The point of a Strolling meeting is not a race, but rather a chance to get fresh air and fresh ideas and build relationships in the process.

Here is a simple guide for nonprofits to host inclusive walking meetings or what I am calling “Strolling Meetings.”

Step 1: Identify Meeting Goals

Good meetings start with identifying why you want to have a meeting. It is important to frame why you think a strolling meeting is a better fit for your purpose:

  • Problem-Solving: Can be enhanced by the movement and fresh air as well as informal interactions among people.
  • Build Relationship: Team building occurs while involved in informal activities and outside our normal environment. The spontaneous mixing that occurs on a strolling meeting can enhance interactions.
  • Check-Ins: Great for one-to-one conversations with people you manage or with external partners, donors, and colleagues.
  • Conflict Resolution: Can help resolve conflicts for pairs and small groups. For larger groups, changing up the environment improves team interactions and helps generate solutions.

Step 2: Pick the Right Meeting To Get Started

Not all meetings are ideal for strolling meetings, especially when you first introduce the idea at your nonprofit workplace. It is best to test the concept with smaller meetings and one-on-one check-ins are a great place to start. Don’t select a meeting where success depends on a screen to share information.

Step 3: Make Accommodations

You want to be inclusive as possible so that any employee can participate in a strolling meeting despite having a disability. Before the meeting, make sure the route you pick is accessible for people with physical disabilities to navigate. The best way to find out is to get their advice.

Be sure to ask how long they can be mobile and plan for stopping points along the way for everyone to rest. Some people with physical disabilities may only be able to “stroll” for 5-10 minutes, not a full hour or half-hour. You can modify by shortening the mobile part of the meeting.

You may need to hold the meeting inside and incorporate movement. Participants can move around inside the meeting room or stand and stretch.  Participation in activities should be optional for everyone.

When you are hosting the actual meeting, share the guidelines about “slowest pace sets the pace for the group and the activity is not a race.” This helps everyone be respectful and inclusive of participants who move at different speeds. If you need to have rest stops along the way, plan it so that you can discuss a topic while resting.

Step 4: Planning and Preparation

It is important to give an advance warning for a strolling meeting so people can dress accordingly — bring a coat or sweater, wear comfortable shoes or bring water.

A strolling meeting is not just a stroll in the park, you are doing work. Like any other business meeting, there is agenda preparation but there are some other items you need to think about. Layout the meeting topics for discussion and synch your rest stops with agenda points. Take a rest stop during the last 10 minutes to capture takeaways and next steps.

Figure how far you can go in your allotted time and avoid noisy spots or too narrow walkways. If you have more than one other person, you will have to do a little bit more route planning.

Step 5: The Actual Walk

As noted earlier, being the meeting with sharing your guidelines, most importantly about pacing and inclusivity.

  • One-to-One Meetings: Meeting as a pair tends to be easy. Strolling breaks down the barrier of a desk and chair, and lets people communicate more equally.
  • Small-Group Meetings of 3-5: Meetings with three or more can be affected by the width of the sidewalk or path, variations in terrain, and possible physical barriers. This size group is flexible, as the discussion can occur while moving, or if desired the group can stop along the way.
  • Groups of 5-16: Meetings with larger groups tend to result in more than one conversation while moving. If the whole group is to be involved, make time to stop and gather as a whole.
  • Groups Larger than 16: These tend to require more planning, with a strong leader and potentially a few assistants if needed. There will be conversations while moving, then planned stops for presentations.

If you have staff at different locations organize them at their location and have them do their own strolling meeting. Encourage everyone to share photos of their stroll with each other. Some organizations use a slack channel or online discussion area devoted to their moving meetings.

There is nothing better than to boost productivity, build morale, and melt off stress than getting everyone to move during a strolling meeting. You can read more about strolling meetings in my book, “The Happy Healthy Nonprofit”.

Has your nonprofit hosted a strolling meeting?  How did you make it inclusive? What are your tips?

This post originally appeared on “Beth’s Blog”.

With the increasing use of Google Analytics, more nonprofits are measuring their websites’ performance and expecting their sites to deliver more.

Nonprofits expect more because we are no longer happy with websites that just look good. Measurement means that we expect our sites actually to perform. And each time we measure, we expect the data to tell us how we can improve our websites.

However, improvement goes way beyond just updating website content or navigation. It’s an organization-wide process that requires buy-in from leadership and a commitment to put users first. It means giving staff protected time and funds to test and experiment. It also means that your website must continuously adapt to users’ expectations.

Improvement cannot wait until your nonprofit redesigns its website. Instead, it must be regularly scheduled into your organization’s work plan, so that the website adapts and grows with your organization.

Here’s how to make website improvement a regular practice in your organization:

1. Use website measurements to help your organization meet its goals

Most nonprofits measure their impact each year by how successful their major projects or events have been. Your website should be the tool that helps you achieve that success.

When your goal is revenue

Start by defining the specific goal for your event, e.g., raising $100,000.

Direct all your incoming communications (such as email, ads, and social media) to a specific landing page on your website. The purpose of the landing page is to remove any distractions and focus your readers’ attention on just one issue: raising funds for your event.

Using Google Analytics, measure such activity as where users come from, how long they stayed on the landing page, and what they clicked (either to the donate page or ticket purchase page).

Measuring helps you determine what needs improvement. For instance, if traffic is low, test out different types of copy on your incoming communications pieces. If the click rates on the donate/purchase button are low, experiment by changing the placement of the button, words used for the call to action, or get opinions from some of your users on how you can make the landing page copy more persuasive.

When your goal is awareness

In this case, your website should be improved to increase engagement. While people can see your appeals, petitions, or website content, it’s not enough for them to know. Awareness must lead to action or a deeper willingness to understand more about the causes promoted by your nonprofit.

Here’s where your website can help: by measuring responses to surveys/polls, conversations in discussion forums, or the number of email signups, your nonprofit can gauge the level of interest in your cause.

Designing a persuasive homepage is the first step, as it should contain a broad statement announcing your vision. Once again, measurement is key. If people are landing on your homepage, but there’s a high bounce rate, or a low sign up rate, experiment by changing your feature image and impact statements. Your copy should include statistics, stories demonstrating personal benefits to those your nonprofit has helped, or provide practical tips on how your readers can help.

2. Schedule improvements

While item 1 deals mostly with monitoring and measuring your users’ engagement with the website, website improvement also requires that your internal processes be in sync. Shane Diffily calls this website governance, and it covers four areas:

  • Governance: Creation of a structure and internal systems to manage your website. Having governance also requires alignment with strategic goals and working directly with leadership.
  • Infrastructure: Maintenance of website technology, such as code, hosting, or content management systems.
  • Maintenance: Updates to content and navigation fit here, as does measuring impact, conversions, and conducting user research.
  • Development: This includes tasks to develop a new website section, such as planning, testing, launching, and training. It can also be applied to the development of a new website.

How to implement a governance plan

Create a schedule that allows you to plan improvements consistently. You can download the full spreadsheet for free on my website.

spreadsheet showing sample governance schedule with tasks down the side and months across the top

The schedule should be collaborated on throughout your organization (not just by the communications/marketing team). Include future planning, technology changes, and even how you will obtain buy-in. Align any improvements with the budget, operational, and strategic goals.

3. Use data to get buy-in

Data gives leadership the ROI they are looking for. It’s also key to obtaining their buy-in when trying to convince them that websites need constant testing and experimentation beyond the redesign period.

NTEN offers basic and advanced courses on how to read Google Analytics data.

However, data needs context and explanation. Here’s how to make the data meaningful for your leaders:

  • Group your information by goals. That way, data presentation helps to highlight your wins and becomes relevant to leaders’ needs.
  • Pull out metrics that demonstrate how your organization has met its specific goals. For instance, how much has been raised, how many registrants do you have to a conference or event? How have donations or memberships increased?
  • Get more specific. For instance, did your email messages lead to readers directly visiting the donate page on your website? Did readers click a unique link to download a resource? Have visits to a unique page on your website have increased in a certain period?
  • Ignore vanity metrics such as visits, users, or session times. While traffic may have increased to your website, such traffic loses value if very few of the visitors are taking any action.

 

With these tips, your website will become a powerhouse that will justify the cost spent on any redesigns. It will also become a living tool that contributes to your nonprofit’s success.

For members of the LGBTQ+ community, the current political climate has been turbulent. Now more than ever, the community has taken to the internet to make and encourage change in the world. Nonprofits play an essential role in supporting LGBTQ+ communities through advocacy and resources to effect social change. There is a huge opportunity for nonprofits to use their non-partisan positioning to support this community and others that are stigmatized through their content and interactions.

Here are six best practices for digital content and collecting feedback to make sure your spaces are more inclusive, especially when working with stigmatized audiences.

Digital Content

Make it a necessity to collaborate with members of the community you want to reach. Collaboration not only ensures that your organization has the support of the community, but it also means that your organization has verified knowledge about the community. Having this information can mean a lot for the comfort of your audiences, and makes it clear that you aren’t targeting this population for your own gains.

An excellent solution for this is to make sure that your organization is incredibly diverse. There has been plenty of research done that proves diversity makes a team smarter and stronger. It could also make it easier to connect with difficult-to-reach communities.

If you’re looking to reach a community that no one on your team is personally involved with, you should strive to connect with advocacy groups for that group. Be prepared to explain what you’re doing exactly and why you’re doing it. Make sure you want to reach this community for the right reasons. If anyone feels like you’re trying to tokenize a specific population, chances are they won’t want to help you. Being prepared and able to speak clearly about your goals will allow advocacy groups to vouch for you and your work.

Avoid stigmatizing language and labeling. You aren’t trying to ‘other’ any population. You’re working to bring everyone into the conversation and normalize their existence. Make sure that the language you’re using doesn’t have a negative history. While some LGBTQ+ people use the word ‘queer’ in their personal vernacular when speaking with others from the community, it’s understood that there is a significant and negative history around the word, so it’s a word to avoid when working with the LGBTQ+ population.

Avoid adding unnecessary descriptors. Sometimes, in an effort to be inclusive, organizations will call out groups that don’t need special attention. A website with medical information, for instance, might have a section labeled LGBTQ+ Health. While this doesn’t necessarily seem problematic, it adds an exclusionary tone and asserts that folx in the LGBTQ+ community have to worry about their health separately from everyone else. Creating these lines of separation between the health needs of audiences creates an assumption that LGBTQ+ folx have “other” health issues they need to worry about, which typically isn’t the case. All people have bodies and health concerns; there is no need to distinguish between healthcare and LGBTQ+ healthcare.

Content that is specific to LGBTQ+ folx in some way (i.e., hormone replacement therapy or gender-affirming surgeries) can have relevant metadata to make sure it appears in a search, rather than using explicit labeling that creates dividing lines between populations.

Recently, Apple announced its new menstrual cycle monitoring in its WatchOS update. Apple did a great job using inclusive language in its announcement. Without stating it outright, the company acknowledged that women aren’t the only people who experience menstrual cycles. Nowhere on its site does it say that this feature is for women; the language (“Gaining insight into your menstrual cycle,” for example) is incredibly inclusive. Apple mirrors this language across all of its content, and in doing so is continuing its inclusivity without making a big deal out of it. You don’t have to announce inclusivity for it to be noticed and impactful.

Find unbiased ways to address people. It’s important to neutralize how you talk about and to people. Instead of using gendered pronouns or phrases like “he” or “she” use a neutral pronoun like “they.” If you want to take it a step further, you can avoid pronouns altogether and use descriptive phrases, like “the participant,” “the external stakeholder,” or “the sales-clerk.” And then there’s the most neutral descriptor: to use someone’s name.

When addressing a group of people, it’s good practice to stay away from saying things like “ladies and gentlemen, boys and girls” or “you guys.” Take a page out New York’s Metropolitan Transportation Authority’s book and try saying, “Attention, everyone …” This neutralizes the language and truly addresses all people. In more casual settings, you can say things such as “friends,” “y’ all,” or “people” instead of “guys.” Use of this language is habitual, and shifting your mindset will take time, but people will recognize the effort and appreciate it. This practice of neutralizing language should be mirrored in your company culture and in your personal life. The phrases “practice what you preach” and “practice makes perfect” apply here.

Collecting Feedback

Be inclusive when collecting survey feedback to gain an accurate representation of your audience. If you want a true understanding of all your audiences and external stakeholders, you need to open up to genders that fall outside of cis-normative culture. Only using “Male,” “Female,” and “Other” will turn away potential participants who don’t feel welcomed into a survey based on the limited options. This common oversight means you aren’t getting an understanding of your entire audience. In surveys and screeners, offer the following options:

  1. Male
  2. Female
  3. Non-Binary/Third Gender
  4. Prefer Not to Answer
  5. Another Option We Haven’t Thought Of: ____________________(open this field to allow participants to include their own gender option. Thanks to Lynn Boyden for this suggestion.)

Most survey platforms don’t allow you to change the word “Other” to something more inclusive, so it’s incredibly important to make sure that field is open to allow participants to insert their desired gender option.

You can also allow participants to select their pronoun instead of gender, although that does assume that everyone knows what a pronoun is.

When collecting face-to-face feedback, make sure your participants feel comfortable with the moderator. People who belong to stigmatized audiences sometimes need additional assurance that they will be safe in new situations. When collecting face-to-face feedback, it is crucial to make sure that the participant doesn’t feel uncomfortable, as this could lead to biased or inaccurate responses. For example, trans people may not feel comfortable talking about transition-related topics with a cisgender person, no matter how much of an ally they claim or want to be. This type of mindset applies to any stigmatized, underserved, or difficult to reach population.

Another example would be women who have survived domestic violence. They may not feel comfortable talking to someone who resembles their abuser. You should gather this information in a screener beforehand to make sure that when it comes time to conduct feedback sessions, you are prepared to speak with them in the most empathetic way possible. Ask screener questions like, “Our researcher identifies as male; would you feel comfortable speaking about this sensitive topic with a male-presenting person?” or “Our researcher is cisgender, would you be comfortable discussing transition-related topics with a cisgender person?”

As for many stigmatized populations, the internet has historically been a safe space for the LGBTQ+ community. If we all make these small but impactful changes in our organizations, we can make sure that the digital world continues to feel safe and welcoming to everyone. With this knowledge, we hope that organizations everywhere can make these necessary and important changes in language and practice, which will, in turn, encourage these changes in the “real world.”

For young Americans today, connecting with each other has never been easier, more immediate, or more influential. Causes must be strategic about entering into these conversations, and tech plays a vital role in the design and delivery of this strategy.

Millennials and their friends consistently share and actively respond to information and opinions. To effectively and authentically take part, causes must implement responsive models that involve young cause enthusiasts (and their networks) in your issue and ultimately persuade them to join your cause.

To begin in the right direction, we look at the nation’s largest body of research on millennials: the Millennial Impact Project, a joint venture between the Case Foundation and research teams I’ve led. After a decade of research, the final report was just released: Understanding How Millennials Engage With Causes and Social Issues: Insights From 10 Years of Research Working in Partnership With Young Americans on Causes Today and in the Future.

We instinctively know that tech is powerful, and millennials, for the most part, are savvy users. But tech must be so much more than a social media strategy. Far more than a tool for monitoring and pushing out content to this audience, tech should be part of the fabric of your organization’s strategy.

To help in your planning, we’re sharing the top five tech findings from the mountain of research data, analysis, and recommendations from the Millennial Impact Project:

  1. It’s an online and offline world. At the onset of this decade-long study, we expected by now to see millennials taking actions in digital-only environments. But it hasn’t happened. Moreover, in every study, we clearly saw that activity in the offline world — activism in particular — continued to reign. Millennials don’t restrict their issue participation to either offline or online. They do both. It’s “and” not “or.”
  2. Their online actions are both small and large. When looking at the type and intensity of actions taken online (from social shares to DIY fundraising), we find the spectrum to be broad and, at times, deep. Connecting and forming relationships among peers certainly expands the profundity of an action, but we cannot discount the power in individual (digital) hand-raising, either — especially when we’re trying to build affinity and loyalty. Small public acts like “Yes, I agree” have a huge effect on a millennial who is just starting to explore how they feel about an issue, let alone act for those affected.
  3. Concurrent digital and non-digital activism reinforce and build on each other. Millennials believe in the power of activism and move toward greater actions by using their voice in addition to other assets they hold. At the same time, they believe they can be an activist in small ways that make a big impact, such as donating online and/or offline and talking to their friends about it — again, online and/or offline. Online forums can be great places for inspiring activism, and they are organized online and off. From posts to petition signing to hosting small talks in digital and non-digital environments, their activism happens all across the spectrum of participation.
  4. SEO and search queries relate to the issue, not the organization. People who care about an issue will search for information on that issue before they look for a specific organization potentially related to it. They want to help people or animals or the environment, not organizations. Your website needs to be seen as a resource for educational information and advocacy resources. Digital ads and boosted posts can drive visitors to these resources. Tech can improve your site’s organic visibility for millennials through optimization, auditing, user testing, and keyword research.
  5. Online and in-person, it’s a journey. We’ve learned that millennials are what we call “everyday changemakers.” For them, mixing online and offline cause-related actions is a daily, ongoing journey with no straight path of engagement you can plot. Rather, millennials move in and out of participation; they use tech to enhance their offline experiences, and they use their offline actions as shareable experiences and knowledge. They begin their participation simply and easily, then become more deeply engaged over time.

Tech can bridge the offline and online worlds millennials act within today rather than be a supplement for the other. As we have said time and again, expecting millennials to move along the traditional paths of passive to active engagement is a crucial mistake — which means we cannot force them to move within traditional organization structures, either.

Today, young Americans may enter a cause at almost any point on the engagement path and move back and forth along it. This means your organization must be flexible, adaptable, and highly responsive. Supportive tech underlying all these new approaches and opportunities may mean the difference between the organizations that truly stand out and those that continue to react.

Download Understanding How Millennials Engage With Causes and Social Issues: Insights From 10 Years of Research Working in Partnership With Young Americans on Causes Today and in the Future at themillennialimpact.com/latest-research.

Like all nonprofits, Tech Impact continually struggles to balance cybersecurity against cost, time, and user frustration. Unfortunately, there isn’t a lot of room for error! With access to hundreds of nonprofits’ systems, Tech Impact is an attractive target for criminals, activist hackers, and even government agencies. We take our mission seriously and put as much as we are able to secure our environments.

On the other hand, as security experts ourselves, we are quick to spot the difference between what “they say” you should do and what actually makes us more secure. In this post, I’ll share a subset of our security practices so that you too can do more than check the box.

Policies

You’ve heard it before (probably from us) but having written policies is an essential part of any cybersecurity strategy. The trick is to have a specific goal in mind for every policy and to keep the document itself short and to the point. Here are some of the goals and policies that your organization should likely have:

Goal Policy
Be able to hold staff accountable if they use systems or computers in an inappropriate way. Acceptable Use Policy
Educate staff about how to store and share sensitive information Data Sharing & Storage Policy
Make sure risky data isn’t kept forever Retention Policy
Educate staff about how to create, manage, and share passwords Password Policy
Ensure staff understand the potential ramifications (wiping devices if staff leave) of using a personal device for work activities Bring Your Own Device Policy
Prevent staff from transferring money or data based on impersonated emails. Approval Process for Bank & HR Data Transfer
Limit the number of administrators in our systems Administrative Access Policy

One goal of our policies is to allow us to discipline staff who won’t take security seriously. But generally speaking, we don’t expect our policies to guarantee that our staff stays safe. Instead, we use them to educate staff about how to be safe using the tools available to them.

Training

To get staff actually to be safe, we rely much more on training and awareness. Being secure means making the right decisions dozens of times a day. Every time we email a client or share a file, we have to evaluate the risk and take appropriate safety measures. The high frequency of these decisions means that we can’t expect our staff to look up and follow complex policies.

Instead, we teach folks regularly about who might want to attack us, why those attackers are interested in us, and how those attacks are likely to happen. By educating about our actual threats instead of imagined or possible risks, we keep our staff paying attention. That’s why we focus on password strength, phishing attacks, and impersonation attacks and not on protecting against NSA EMF monitoring.

At Tech Impact, our learning culture doesn’t lend itself to formal training. Besides some mandatory training for staff dealing with sensitive data (like HIPAA-regulated data), we mostly don’t force our staff to sit down for training. Instead, we regularly send emails and chat messages to the team with information about attacks we have intercepted or articles that seem relevant. This constant drip of information keeps folks on their toes.

One formal approach we do recommend is to use a third-party phishing penetration service like KnowBe4. Using the service, you can send your staff simulated phishing emails. Folks who fail the tests (by handing over their username and password) can be required to complete additional security training.

Escalation

Between our policies and constant communication, our staff is definitely paying attention! But paying attention isn’t enough by itself if folks don’t know what to do when they encounter something suspicious. At Tech Impact we’re lucky to have a resident security team. Our staff has been trained to forward emails or send questions to the team anytime they are worried about something that came in. By making it easy to report an issue and get help, we have dramatically increased engagement and often prevent staff from taking risky action.

For your organization, this might mean sending one person to security training, or it might mean sending questions to your support provider. However, you approach this make sure to keep a record of the kinds of questions and issues that come in so that you can identify trends and create better training.

Technology

Only now is it worth talking about technology. In truth, technology is important but not enough. Staff and attackers will always find a way to get around anything you put in place. Your best bet (at least for organizations that aren’t facing activist hackers or hostile governments) is to focus on policies, training, and escalation.

But if you’ve handled the basics, or if you are at particular risk, technology can absolutely help your organization stay safe. There are lots of resources out there about cybersecurity technology, so I’m not going to reinvent the wheel. But I will share with you some of the tools that we use. Note that this is only a portion of the technologies we use at Tech Impact to stay safe.

For Everyone

Some of the cybersecurity tools we use are foundational and should be used by every single nonprofit out there. Nothing listed here is particularly complicated or expensive, so don’t wait!

  • Software Updates & Anti-Malware: You should know this by now, but most malware-based attacks use known issues that have already been patched. Keeping your computers up to date and using Anti-Malware software is a foundational need for every nonprofit.
  • Multi-Factor Authentication (MFA): The single most effective thing you can do to keep your organization safe from account compromise. In addition to a username and password, your staff uses a separate code from an app or SMS text message to log into systems. This will almost eliminate the risk of phishing attacks.
  • Single Sign-On: Use Office 365, Google Apps, Okta, or another cloud identity provider to let your users log into all your systems with a single username and password. This enables you to enforce MFA across all your tools and lock all accounts down from once place. Any software you’re using that supports the SAML standard can be integrated for Single Sign-On
  • Device Encryption: Encrypt your devices so that no one can read data off them even if they are lost or stolen. This is free and easy for Android, iOS, Mac OS, and most Windows computers!

For Many

For organizations that have some compliance needs (HIPPA, etc.) or are dealing with otherwise sensitive information, there are some basic tools that can make a big difference without a considerable cost.

  • End-to-End Encrypted Email: Allows you to send social security numbers, healthcare information, passwords, and other sensitive information via email. You send a standard email, but recipients get a simple email with instructions to use a secure web portal to respond.
  • Data Loss Prevention (DLP) Scanning: Scans outbound email, shared files, or files stored in semi-public locations for sensitive information like social security numbers or bank account information. This is an essential backup to your policies educating folks on how to safely store and transmit data.
  • Device Management: Lets you monitor devices remotely and make sure that they are kept up-to-date, encrypted, and secure. It also allows you to wipe them remotely if they are lost or stolen.

For a Few

There are a lot of things we do at Tech Impact because we are at high risk. These aren’t things I would recommend for everyone.

  • Conditional Access: Prevent devices from downloading files or syncing data if they aren’t enrolled in your device management platform. This keeps the staff from saving data to devices that aren’t encrypted or that you don’t own.
  • Advanced Multi-Factor Authentication: Text-message based multi-factor authentication is not secure against a determined hacker. We use code-based MFA from our mobile phones and are exploring U2F and certificate-based MFA to make ourselves even more secure.
  • Centralized Log Analysis: We send all of our logs to a system that looks for unusual behavior. If someone logs in from an unusual location or downloads more files than usual, our security team gets an alert and can investigate.

Wrapping Up

As a technology nonprofit, we know that there are limits to what technology can do to keep us safe. That’s why we use this multi-layered approach that includes policies, education, escalation, and technology. Staying safe is a constant balancing act, and it’s important to remember that some action is always better than no action.

When we are in the role of encouraging nonprofit staff to use technology, we have a vested interest in how they feel about the software. In the spirit of doing everything we think we should be doing to stay connected to staff and to ensure the success of the platform, we may feel compelled to launch a user survey.

How do you feel about the software, do you find the software to be useful, what would you like to see improved?

The survey almost writes itself, and it is an approach taken by many organizations. However, knowing what we now know about user engagement and adoption, is this the best way to proceed? Perhaps there is a more practical approach. The wonderful thing about software is that we can determine its impact and effectiveness by simply evaluating analytics and analyzing usage habits in ways that are much more effective and revealing than any survey answer could provide.

I launched a Yammer enterprise social network for staff at the Union for Reform Judaism, and right away, I knew how the staff felt without having to issue a survey. I knew that some teams took to Yammer right away. Groups were set up, resources were shared, and valuable conversations were occurring. Other people in our Yammer network could see the work these teams were doing, and they began to explore Yammer themselves.

I knew that some staff had no intention of using Yammer. They liked working over email. They chatted each other in Zoom, and they sent versions of files back and forth between different members of their team. They did not necessarily dislike Yammer, but there were perfectly happy with their current means of communication and collaboration.

I could quickly tell that other staff did, in fact, not like Yammer at all. They would pepper me with complaints and questions, and their general attitude made it clear to me that they would not take the easy, necessary steps to learn the platform.

Every day was an opportunity for me to learn and adapt. Had I introduced a survey to the mix, it would have only served to confuse matters. Upon seeing the survey, it may have occurred to staff who were happy with the platform to explore a more negative perspective. Those who were unhappy may have taken the opportunity only to amplify their complaints and general unhappiness. Staff might have sent messages to me through the survey with unrealistic expectations for action in response.

More effective than a survey, I would argue, is being connected to the technology you are encouraging staff to use through empathy, generosity, and transparency.

EMPATHY: Understand that, in many cases, the platform you are encouraging your colleagues to use represents a change in work processes and habits. Put yourself in their shoes, and understand they may be reacting to the new platform, convenient and functional though it may be, with a sense of fear, trepidation, and anger. Give your users time. Coach them. Hold their hand. Be sympathetic and help to address their concerns.

GENEROSITY: Give your users your time. Train them in best practices. Create user guides and hold regularly scheduled office hours. The more generous you are in your support, the more generous they will be in their trust.

TRANSPARENCY: You may be a little confused and concerned about the new platform, too. Make sure your colleagues understand that. You may have to work through change and adoption issues yourself. Make sure your colleagues know that. You may be unsure of the platform. Make sure your colleagues see that. Your transparency will result in trust and connection. The more you share, the more you expose, the quicker your colleagues will adopt the new platform.

We need feedback as we launch new platforms, but we want that feedback to be sincere and helpful. The very best information you can find is on the platform itself. The more engaged you are in its day to day deployment and use, the more vital information you will receive during post-implementation support. Avoid the survey. Embrace the platform.

Your nonprofit newsletter is one of the most powerful tools you have to convert donors. However, converting donors isn’t only about making your fundraisers seen. It’s more important to use your email marketing for effective storytelling.

Donors love to see the impact their donations have. They want to feel re-inspired to give and reminded of why they love your cause. Your nonprofit newsletter needs to include elements of storytelling alongside other engaging content. Otherwise, you will find yourself asking for money too often and wearing your donors out.

Here are seven emails built to engage your supporters without over-asking. Each of them is designed to help you build relationships, gather more support, and show off your impact in the world.

1. Thank You Emails

The most obvious email you should always send to your donors is “Thank You.” Don’t automate a donation receipt and move on. Make sure your donors are thanked genuinely for their contribution.

Then, ask them to sign up for your newsletter so you can engage them all year long. Or, you can ask them to subscribe when they give by building an email opt-in option into your forms. Either way, make sure your donors feel appreciated and have options to stay connected after they give.

2. Welcome Emails

Welcome emails are different from the “Thank You” email sent right after a donation. This comes after someone opts-in to your email marketing newsletter. It has information on what kind of content you send out to your subscribers, how to support the cause by sharing your content, etc.

You should also have a subscription sign-up available on your website. People generally interested in your mission and the content you publish will sign up and become donor leads. Content marketing is an important strategy for nonprofits to embrace. It helps build your email list and your email list also drives traffic to your website in return.

The people interested in your content are good leads to convert to donors. You just need to nurture them with emails they’re interested in before you ask for donations.

3. Impact Stories

Of course, don’t forget the most important part of your newsletter: storytelling. It’s your job to show your organization’s work and how it’s made an impact. Donors especially want to see what impact they had. You did the work, but they feel pride. Help them feel the joy of giving by telling the story of how their money has helped you fulfill your mission.

You can write out the entire story, send them back to your blog to read the whole thing, or even a mix of both. When you send them back to your site, they’re greeted with more opportunities to explore your content and give.

4. Volunteer Stories

You should also include volunteer stories in your nonprofit newsletter. These are just as beneficial as impact stories. Your volunteers see things from a different perspective. Their point of view might inspire donors to become volunteers, give even more, or share the story.

Volunteer stories also serve as third-party validation or social proof. It gives your organization more credibility to share the experiences of those who volunteer to do the work.

5. Surveys

Surveys are wonderful tools to re-engage donors and keep up engagement during a slow season. You might find that you want to use a survey to see what kind of content your newsletter subscribers want to see. Some other survey question topics might include:

  • Have you seen the news? Find out if you need to educate your supporters on a news topic that has an effect on your mission in some way.
  • What’s your favorite? Ask your subscribers what their favorite volunteer or impact story is from your blog.
  • What’s the right stat? Quiz your donors and supporters on their knowledge of your cause. Do they know the right statistical data?

6. Factoid Updates

Send out statistics and facts. These can be short emails with one to two stats or a whole list of relevant research. How you design the email depends on your goals. Creating graphic-oriented emails helps encourage sharing on social media.

On the other hand, plain-text emails with more information may inspire more engagement and clicks-though. It depends on your audience and how they currently interact with your email content.

7. World News

Last, but not least, keep your supporters informed of relevant world and local news. Anything that affects your organization and mission or those who have benefitted from your services is worth sharing.

But Don’t Forget to Ask

Between the storytelling, transparency, and engagement emails, make sure you are still asking for donations. Ask regularly for general online donations and always segment your lists. If you have recurring donors, don’t keep asking them to sign up to donate. Instead, use segmentation to ensure they only get asks for larger fundraising campaigns.

Even when it comes to larger campaigns, like GivingTuesday for example, your emails should be framed toward each segment. Address your board and volunteers, past and recurring donors, and new supporters attracted by the campaign all differently. Segmenting is crucial for nonprofit fundraising emails.

Evaluate and Evolve Your Nonprofit Email Marketing Strategy

Take the time to evaluate your current email marketing strategy. Do you have enough mixed content or are you constantly asking for support? You might even find that you aren’t asking for support enough.

You know that websites need to be accessible to people with disabilities. But have you thought about your presentations?

Presentation accessibility means that your audience can experience, access, and understand your presentation. There are different considerations to presentation accessibility, depending on whether it is presented live or shared online. Knowing in advance how you want to present allows you to ensure that your content is fully accessible regardless of how the audience will experience it.

Accessibility Considerations for Live Presentations

Fonts

There are two major font categories:

  1. Serif (fonts with finishing strokes on the ends of characters, such as Times New Roman)
  2. Sans Serif (font without finishing strokes, such as Calibri)

It’s generally agreed that sans serif fonts are more readable and accessible at smaller point sizes than serif fonts. Serif fonts are often used for presentation elements that have a higher point size, such as headings and titles.

Several accessible fonts are common on today’s devices. Verdana and Tahoma are two fonts that are considered quite accessible and can be found across device platforms and formats.

For more detail about the accessibility of fonts, see WebAIM’s Fonts article.

Slide Design & Layout

It’s easy to create striking and well-designed presentations using the many available themes and templates. Using a theme’s built-in slide layouts promotes consistent and uniform design, which is essential for usability and accessibility. However, many themes use fonts that are either too small or too ornate to be truly accessible. Search online for accessible themes (there are plenty to choose from), or build an accessible theme using your agency logo, branding, colors, and conventions. Whichever option you choose, stick to the built-in formatting of the slide layouts with few or no modifications. Doing so will significantly increase the accessibility of the presentation with less additional work required later.

Layout Guidelines

Make sure that the slide text is large enough to be seen by your audience. Refrain from trying to fit too much content on one slide, forcing the font point size to get too small. A good rule of thumb for slide content text is between 20–28 points, and for headers aim for 36–44 points.

Here are some other things to consider when laying out presentations:

  • Make sure each slide has a unique header. If there is more than one slide on the same topic, add a numerical identifier to the header such as (1 of 2).
  • Avoid using italics or all caps.
  • Do not use color alone to indicate importance, but bold text is allowed.
  • Make sure to display slide numbers.
  • Keep transitions and animations simple. Fade or appear animations are acceptable, but avoid flashing and flying text.

Content Guidelines

While slide design is important, your content also needs to be developed with accessibility in mind. Keep it brief, focusing on short blurbs or lists of information. It’s easy to overfill a slide with content, especially when font sizes are in the accessible range. When in doubt, break a dense slide into multiple slides to keep readability optimal.

Regarding readability, Plain Language Association International (PLAIN) identifies five general areas to consider when writing:

  1. Audience and purpose
  2. Structure
  3. Design
  4. Expression
  5. Evaluation

To learn more about each area, visit PLAIN’s “What is plain language?” webpage.

Color contrast is also important. Make sure the text color contrasts sufficiently with background colors. This applies to text in images as well. Contrast Checker is a helpful place to test different colors, and the results it provides conform to recognized accessibility standards.

Accessibility Considerations for Online/Shared Presentations

If you’re posting your presentation on a website, sharing it on a slide service, or emailing it to users, there are additional accessibility concerns to be aware of. Some people might use assistive technology, such as screen readers, to access the content. Those users may have difficulty navigating or comprehending your presentation if the additional accessibility enhancements in this section are not applied. Both Microsoft and Google offer guidance specific to their tools, but here are some critical guidelines to remember.

Describing Images

Adding text descriptions to images, commonly referred to as alt text, allows for users with screen readers to get a verbal description of the images in presentations. The alt text should describe the content and function of the image. Some examples include “Photo of a smiling woman” or “Logo and link to our home page.” Images that are decorative and do not provide any content or function do not need alt text. However, when unsure if an image is decorative or not, add some alt text.

Reading Order

The order a screen reader reads a slide’s contents is important. With a word processing document, the reading order is natural as the content generally proceeds from left to right, and top to bottom. On a slide, however, content is added in separate text boxes that can be created or edited in any order. Sometimes the headings are at the bottom or side of a slide, but the intention is that they are read first. Imagine how confusing the content would become if it were read out of order.

Using the built-in slide layouts can minimize problems as they were designed to be accessible with reading order in mind. However, customizing or creating new layouts can lead to reading order adjustments being necessary.

Other Considerations

In addition to adding alt text and adjusting the reading order of slide content, there are a few more aspects of a presentation that should be reviewed if it is going to be shared online:

  • Make sure that links are clear and describe where the link will go. Avoid using only the words “Click Here”; opt instead to use the name of the website as the link itself.
  • If your presentation includes video, make sure it has captions, and ideally, audio descriptions of the action. If captions are not an option, provide a link to a transcript.
  • If your presentation includes audio, provide a link to a transcript.
  • If you opt to save your presentation as a PDF, make sure to enable the setting to allow tags for accessibility to be created; otherwise, all the hard work will be for naught, and the PDF will not be accessible.

Using Automated Tools to Check the Accessibility of Your Presentation

It is clear by now that there are quite a few facets to making presentations accessible. Ideally, accessibility should be a priority throughout the design process. Waiting until the end to make changes and edits is more time consuming and increases the likelihood of making errors.

There are automated tools that scan presentations to check for many things that may have been missed.

PowerPoint has a Check Accessibility tool, but for G Suite, you need to download an add-in. The most popular one is called Grackle.

These tools are a good first step to begin an overall review of your presentation but note that there are limits to what they will catch. For example, some software will place the URL to downloaded images into the alt text field. An automated scan would recognize that alt text was added to the image; however, that text would not be helpful to a screen reader user.

While it might seem like there is a lot to remember for accessibility, it’s easy to manage when you think about it at the beginning of your design process. Implementing accessibility will yield a presentation that everyone can access and enjoy.