Were IT

1
Were IT

• and were here to help!
• Tips on security, data management, website and
  communication issues

2
Topics and panelists

• Pat Yevics, Moderator
• Bill Dickinson, Top 7 Security Tips
• Mel Reveles, Website Issues
• Anna Zanolli, How to Talk Tech
• Steve Dunn, Everything Else

3
Top 7 Security Tips

• Bill Dickinson
• Director of Information TechnologyVirginia State
  Bar
• dickinson_at_vsbar.org 804.775.0511 cell
  804.397.9429 www.vsbar.org

4
Top 7 Security Tips

• Define a Security Policy With regulations like
  the Sarbanes-Oxley Act raising the bar for
  accountability, it is more important than ever to
  document and enforced your security measures.
• Scan Filter  Email is most likely your biggest
  source of a virus and malicious code. Make sure
  you have some type email filtering to not only
  eliminate spam but also to block certain
  malicious e-mail attachments.
• Education The security policies and guidelines
  themselves are useless if no one knows what they
  are. An essential step in protecting your data is
  to ensure that you bar staff knows how to
  practice Safe Computing. 

5
Top 7 Security Topics (continued)

• Keeping Up To Date Make sure all of your
  operating systems and applications are patched
  with the latest service packs and hot-fixes.
  Keeping your systems patched will close
  vulnerabilities that can be exploited by hackers.
• Lock It Down With so much business occurring
  on-line it's easy to forget that the computer
  system exists in the physical world. Lots of
  money and time is spent on computer and network
  security measures but they aren't going to be
  much use if your database server is sitting next
  to an open door.

6
Top 7 Security Topics (continued)

• Safeguard Sensitive Data  Dont send you
  sensitive data out into the cold cruel world
  without protection. We all have sensitive data
  stored in our computer systems birth dates,
  social security numbers, and credit card
  numbers.  Most organizations have lots of access
  security, passwords, and user privileges to
  protect information while its in the office.
• Audit Your Computer Systems Make sure your
  annual audit includes IT Security.  Also, hire a
  reputable technical consultation to perform a
  network venerability assessment otherwise known
  as  White Hat Hacking to find security holes
  before the bad guys do.

7
Website Issues

• Mel Reveles
• Director, Internet and Technology
  DepartmentColorado Bar Association
• mreveles_at_cobar.orgDirect 303.824.5349 Cell
  303.725.6426www.cobar.org

8
Website Issues

• Website redesignThe user experience is
  EVERYTHING when evaluating the usefulness of a
  website. Think "site usability" and "quality
  content". A clean design with carefully planned,
  logical navigation will create a positive user
  experience (as long as your site has been
  optimized to load quickly). Plan to do a lot of
  research to find out what doesn't work with your
  current site and what works well on other sites.
  An evaluation from those outside the industry can
  be help.

9
Website Issues (continued)

• Selecting a programming language/database/web
  server technologyWhat language will your site
  be built in? Consider popular, flexible, and free
  programming languages as well as the supply of
  programmers/developers (and the fees they
  command) if you don't plan to have an in-house
  web developer. Also, consider portability if you
  arent hosting your website in-house. An entire
  site should be easily moved from one
  server/hosting company to another.

10
Website Issues (continued)

• Web 2.0Don't be seduced by these sexy
  technologies in the hopes they'll give your
  website a modernized twist (which can be
  misunderstood as a useful upgrade). While these
  technologies are no doubt changing the web and
  making a lot of the websites using them more
  interactive, they can introduce a whole host of
  headaches. First and foremost of these headaches
  is security. If you're thinking about integrating
  Web 2.0 into your sites, first familiarize
  yourself with your different options. Spend time
  talking with those who have deployed these
  applications and discuss any "gotchas" they had
  to work through. Also, ask if they believe the
  "Web 2.0 upgrade" enhanced their site's
  usefulness.

11
Website Issues (continued)

• Secure that site (including all web
  applications)! Check out the SANS Institute's
  Top 20 Security Risks, http//www.sans.org/top20/
  s1. Read up on "Web Applications" and "Web
  Browsers" so you're armed and ready to discuss
  concerns with your developer. A game plan for
  securing your website should be put in place
  BEFORE the programming even begins. Discuss how
  data input will be validated. Make sure the
  source code and the entire site are tested for
  vulnerabilities.

12
Website Issues (continued)

• Search Engine Optimization (SEO) If you dont
  have the expertise on staff, consider bringing a
  well-qualified SEO to evaluate your website. This
  should be done on your current site and is an
  absolute priority if your site is undergoing a
  redesign. If your website redesign is outsourced
  to a development company, make sure they address
  this issue in their initial quote. Review
  Googles Whats an SEO? article
  (http//www.google.com/support/webmasters/bin/answ
  er.py?htenanswer35291) in their Webmaster Help
  Center.

13
How to Talk Tech with Techies or Non-Techies

• Anna Zanolli
• Information Design Technology SupervisorOregon
  State Bar
• azanolli_at_osbar.org503.775.0511 cell
  503.740.6177www.osbar.org

14
How to Talk Tech with Techies or Non-Techies

•  The same basic tips apply whether you're an ED,
  CFO or IT
• Listen. Approach the conversation with an open
  mind and open ears.
• Be honest. When you don't know something or
  don't understand something, say so.

15
How to Talk Tech with Techies or Non-Techies

• Ask questions. Lots of them. Ask for
  explanations of tech jargon and acronyms. 
• Use pictures. Screen shots are a great way to
  illustrate both problems and solutions.
• Repeat. Use your own version of, "What I hear
  you saying is....

16
Everything Else

• Steven L. Dunn
• Director of Information Technology
• Illinois State Bar Association
• sdunn_at_isba.orgDirect 217.747.1455Cell
  217.415.9819 www.isba.org

17
(1) The Basics

• No one size fits all model exists and the
  big-iron (Microsoft) world might not be the
  best for me
• Technology is a Tool - which tools you use is
  defined by your specific needs
• In the end, Technology works if Im comfortable
  using the tools and serving member needs through
  them.

18
(2) Plan for Obsolescence

• Useful lifecycle tends to be a 3-4 year curve
  for computer equipment (printers, copiers,
  servers usually longer)
• Regular interaction and contact with vendors
  about upgrades, patches, service outages and
  migrations to new services
• Review needs of Association Members before
  changedont just fix it. Develop a good
  RFP/RFI
• Applies to all related services of the
  Association.including Membership Database (AMS)
  and Website.

19
(3) Plan for the Disaster

• Backups upon Backups upon Backups
• Onsite vs. Offsite Storage
• COMPLETE Documentation not just for the
  Technology
• A scaled approach to Recovery. In other words,
  be able to answer the question What does my
  Association need to do to function during..

20
(4) Economies of Scale

• Microsoft still the 800 lb. Gorilla, but there
  are alternatives
• Dont rush to Vista (new version already
  announced) or Office 2007
• Cost an Issue? Consider eBay or Techsoup
  http//www.techsoup.org
• Need to create a PDF from your document? Do it
  for Freehttps//www.pdfonline.com/convert_pdf.as
  p

21
(5) Examine the Trends and how they apply to
you

• E-mail the King. Really? What about Spam???
• Internet Service Affordablebut what about
  dial-up?
• All in one Virus and Security products. Do they
  work?
• Apple in the workplace? Not just a cool toy
  anymore
• Remote accessiblity? How connected is too
  connected?

22
Final Thoughts

• Opinions are different, so find a model youre
  comfortable with and can explain to your Aunt
  Edna!
• Shouldnt need a Babelfish to talk with an IT
  Professional!!! ()

23
Were IT

• and were here to help!
• Tips on security, data management, website and
  communication issues

gtgt Download this presentation from the NABE
website.