Foundations of Organizational Technology: Getting Started with Your Organization’s Digital Security

These three steps will create a strong, secure technological foundation for your organization!

Step 1: Buy a domain and set up institutional email. 

• If you haven’t already, buy a domain for your organization’s website. We recommend using Cloudflare Registrar or Google Domains for their security options and ease of use. Make sure you select private registration; Cloudflare offers this by default, Google offers it for no cost. There are many other domain registrars out there too that are also great options. We recommend that you choose a domain registrar that offers two factor authentication for account security, and private registration at no extra cost. 

• Once you have a domain, you are ready to set up your organizational email! We like Google Workspace for its security features and ease of use, and it’s free for nonprofits; learn more about setting up Google Workspace here. Other options for institutional email include Protonmail Business, Microsoft 365, and Tutanota Business. We recommend using a dedicated email as the owner/superadmin on your business email account, meaning an email that is only used for logging in as the owner/superadmin. We also recommend making sure at least two people have access to this account, just in case!

Step 2: Write down all the accounts you have & secure them with MFA. 

• Think of all the accounts you’ve made so far. You have your domain registrar, your email admin & individual email accounts, potentially a website, online phone system (VOIP system), social media accounts, maybe some financial accounts, maybe a database or fundraising software…think broadly! 

• Document all these accounts in an account documentation chart. 

• Turn on multi-factor authentication (MFA, also known as two-factor authentication or 2FA) for as many accounts as possible. Use the 2FA Directory to find instructions for turning on multi-factor authentication for all your accounts. 

Step 3: Set up a password manager. 

• For secure storage of all the passwords associated with the accounts you just listed, your next step is setting up a password manager. As your organization grows, you may end up with hundreds of accounts, and with a password manager, you’ll just have to remember one password: the password for the password manager! The password manager securely stores all your passwords, and also generates strong, complex passwords for you whenever you need to create one. 

• We recommend 1Password and Bitwarden as our favorite password managers.  

• Create an account and explore the features of your password manager. For best results, we recommend installing the browser extension for whichever password manager you chose.

• Start saving passwords! Work through the account documentation chart and save the passwords for accounts that you have access to in your password manager. 

• Use our password manager implementation guide to explore the settings of your password manager before you deploy it to the rest of the team.

We believe anyone interested in tech can get these steps done, even without any technical expertise! However, they do take some time and focus to work through. Have the interest but don’t have the time? We can recommend a vendor to help you. Head over to our contact us page!