Description

In the first part of this two-part conversation taken from a webinar, Carolyn Woodard and Steve Longenecker, Director of IT Consulting at Community IT Innovators, walk through the security settings, risks, and first steps nonprofits need to know to get the most out of Google Workspace's free nonprofit tier.

Google provides a genuinely secure platform, but security is a partnership. Steve explains that the risks nonprofits face in Google Workspace rarely come from Google's infrastructure and almost always come from the configuration decisions made on the customer side. 

Whether your organization has been on Google for years or just signed up, there are settings in the admin console right now that deserve your attention.

Steve and Carolyn cover:

• Why Google Workspace is a strong platform for nonprofits and what the free nonprofit tier includes, including where it stops and paid tiers or third-party tools pick up.
• 2SV (two-step verification) is Google's term for MFA Multi-Factor-Authentication, and enforcing it for every user account is the single most important step you can take.
• How phishing, email spoofing, and business email compromise play out specifically in nonprofit environments, and what DNS settings like DMARC and DKIM do to reduce your exposure and protect your organization.
• Why shared and generic accounts create MFA blind spots, and how Google Groups can be a cleaner alternative for shared inboxes like info@ or donations@.
• The risks of unmanaged personal Google accounts, inactive user accounts, and overly permissive admin privileges, and how to find and address them in the admin console.
• Why migrating from My Drive file sharing to Google Shared Drives is a security and governance upgrade, and why it's worth planning carefully before you start.

Resources Mentioned

• Google Admin Console – Google – https://admin.google.com
• Google for Nonprofits Security Checklist: https://support.google.com/nonprofits/answer/9251886
• Google Workspace Security Checklist for Small Organizations: https://knowledge.workspace.google.com/admin/security/security-checklist-for-small-businesses-1-100-users
• Nonprofit IT Management Reddit Community – Reddit – https://www.reddit.com/r/nonprofitITmanagement
• Migrating Within Google to Use Shared Drives – Community IT Innovators – https://communityit.com/migrating-within-google-to-use-shared-drives/
• Email Protection and Deliverability (DMARC/DKIM) – Community IT Innovators – https://communityit.com/podcast-email-protection-and-deliverability-with-johan-hammerstrom/
• Cybersecurity Readiness for Nonprofits Playbook – Community IT Innovators – https://communityit.com/cybersecurity-readiness-for-nonprofits-playbook/

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn 
• on reddit/r/nonprofitITmanagement
• on the Community IT website

Thanks for listening.