{"id":8949,"date":"2022-02-23T13:09:51","date_gmt":"2022-02-23T00:09:51","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=8949"},"modified":"2022-02-23T13:09:51","modified_gmt":"2022-02-23T00:09:51","slug":"are-the-appropriate-it-governance-controls-in-place-to-protect-your-community-value","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=8949","title":{"rendered":"Are the appropriate IT Governance controls in place to protect your community value?"},"content":{"rendered":"

[et_pb_section fb_built=”1″ _builder_version=”4.16″ custom_padding=”0px|||||” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_row _builder_version=”4.16″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”4_4″ _builder_version=”4.16″ custom_padding=”|||” global_colors_info=”{}” custom_padding__hover=”|||” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.16″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

In most organisations, IT has grown organically, meeting business needs as they arise. Those demands have come through thick and fast from almost all areas of the organisation’s operations. IT has become integral to almost all aspects of operations in most workplaces, putting immense pressure on those that are responsible for delivering these systems.<\/p>\n

It can be especially challenging in not-for-profits that rely on a lot of volunteers to deliver their programmes, with a wide range of skills and all sorts of equipment.\"\"<\/p>\n

Under that pressure, it’s not uncommon for normal governance approaches to lag behind<\/strong>, but given the importance of IT, these clearly need attention.<\/p>\n

There’s a wide range of topics that need thought.\u00a0 Examples include :<\/p>\n

Access Rights<\/h2>\n

From protecting systems with passwords, having a strong password policy, multi-factor authentication or PIN policies for mobile devices – with no PIN, a stolen mobile device can yield up significant amounts of data, personal information and website access details.<\/p>\n

It is common for volunteer data to be seperated out to reduce risk, and clear obligations placed on them ,and agreed, before they are granted access.<\/p>\n

Policies<\/h2>\n

Are policies in place for appropriate use of devices, internet, email\u00a0etc? A common response for small NZ businesses is that they have never needed these, but these have to be in place\u00a0before\u00a0you need them. Once an employee takes advantage, the horse has bolted<\/strong>.\u00a0Are they up to date? Do they cover consumer cloud services such as Dropbox? Do they cover BYOD?<\/p>\n

What about the data available to a well-meaning volunteer?<\/p>\n

Antivirus and EDR (xDR)<\/h2>\n

Security patches are the fence at the top of the cliff and anti-virus can be the ambulance at the bottom. We have seen organisations suffer significant downtime<\/strong> because of a virus infection that would have been prevented by patching.<\/p>\n

Security<\/h2>\n

Data security process – With data privacy concerns emerging, and legislation like GDPR becoming relevant, how well placed is your organisation to ensure it follows best practice?<\/p>\n

Do your systems allow you to track compliance, do you know what personal data your organisation holds?\u00a0 This can often be informally held by well-meaning colleagues as well as your official systems, meaning that training and awareness matter as much as software<\/strong> – and that’s something that extends beyond the IT department.<\/p>\n

Do your volunteers understand their obligations?\u00a0 In Not-For-Profits, this can be the biggest weakness, but they can supported so you can harness their goodwill while protecting your data.<\/h3>\n

 <\/p>\n

Reporting<\/h2>\n

Do you have regular IT reporting in place, and does it cover the topics you really need to know about? These will span infrastructure (are the backups working and tested?) do you have any pending capacity considerations?\u00a0 What’s the reliability of core systems like?<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”1_2,1_2″ _builder_version=”4.16″ _module_preset=”default” saved_tabs=”all” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”1_2″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.16.1″ _module_preset=”default” custom_padding=”||0px|||” hover_enabled=”0″ global_colors_info=”{}” theme_builder_area=”post_content” sticky_enabled=”0″]A Kinetics FlightPlan<\/a><\/strong> is the structured process to easily help you find the answers to these questions, and more.<\/p>\n

For more information, contact us today.[\/et_pb_text][et_pb_image src=”http:\/\/kinetics.co.nz\/wp-content\/uploads\/2021\/02\/FP-brochure-1119-212×300-1.png” title_text=”FP-brochure-1119-212×300″ align=”center” _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][\/et_pb_image][et_pb_text _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

If you aren’t sure who in your organiusatin is best to answer these questions, it is probably time you tried a contract part-time IT Manager, to help you manage ALL your valuable IT.\u00a0 Check out ourstructured, programmatic “IT Manager as a Service” approach to help you<\/a>.<\/p>\n

[\/et_pb_text][\/et_pb_column][et_pb_column type=”1_2″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_code _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n