You are hereHome › Blog
I'm always happy when a popular piece of software goes open source, and thus I am happy to be able to tell you that Pika CMS is freely available under an open source licence as The Open Case Management Project(OCM). Over on the OCM GitHub page you can find all the files and instruction you need to set up your own online browser based CMS.
And of course for those for whom it isn't practical to run your own server you can always go to pikasoftware.com and let the folks over there do the heavy lifting. Now that the software is open source hopefully there will be some community involvement that raises the quality for everyone.
LSC has released this year's stats on what technology everyone is using. It has been split up into three sections, legal aid specific technology like A2J Author and HotDocs, more general software like browsers and word processors, and how the computers are networked, this includes things like how files are shared on the network and remote access.
This data is a handy resource for everyone ranging from those looking to develop applications or systems for nonprofits to people that just are just unhappy with a piece of technology they are using and want to see what the community has gravitated towards. One
One of the statistics that really jumped out at me was the fact that 90% of the grantees do not use AdWords. Google offers nonprofits $10,000 worth of advertising per month for free and it blows my mind that more people aren't taking advantage of it.
The other thing I found surprising is the fact that people have moved away from XP and to 7 so quickly, I expect Windows 10 will start getting users but even in that case it's convenient to know that almost everyone in the community will be using one of the two operating systems. Not having to worry about supporting any other version of Windows not to mention Mac or Linux makes it a lot easier to design and text applications.
Recently our friends at have added close captioning to all of their videos and have been kind enough to share some of their findings with us. They cover the why, the how, and some best practices. For those of you using other services like Vimeo the process is similar, the only difference is instead of using the application built into YouTube you use one like Amara. It takes a couple extra steps but is a straightforward.
NTAP has just set our webinar calendar for 2016. Please save these dates. We will have full descriptions, web links and more information coming out in the following weeks. We have a great line up with webinars by Probon.net, Idealware, Rylander Consulting, Florida Justice Technology Center, and Transcend. If you want to share your TIG or recent tech project let us know we can add you schedule.
31st Considering the Potential ROI of an Innovative Technology Project - Idealware
12th: Using Google Analytics to Understand Your Web Traffic – Idealware
26th Privacy, encryption, and anonymity in the Civil Legal Aid Context - Florida Justice Technology Center
11th to 15th EJC I hope to see people there!
19th Ethics, Discretion, and Accountability in Designing the Data Interventions in the Civil Justice Context – Florida Justice Technology Center
25th Field Testing Legal Documents - Transcend
23rd Outlook 2016 – Rylander
14th: Introduction Business Process Mapping – Idealware
22nd 50 Tech Tips - PBN
Unified Communication - OKLaw
17th Recent Outcomes Evaluations of Legal Aid Tech Projects - PBN
14th Maintenance, Continuity and Succession Planning -
20th: Assessing Your Security and Creating a Practical Action Plan - Idealware
12th Great Features that are in all Microsoft Applications – Rylander
19th User Testing - PBN
9th Excel tables - Rylander
This post is based around TIG session ”What Every Executive Needs To Know About Information Technology Security” by Peter Campbell and the 2015 Verizon Data Breach Investigation Report.
To start off here are the slides from the TIG presentation, it’s in plain english and covers the topic in an easy to understand fashion.
And here is a link the the report
The Data Breach report is a hefty document but is extremely well written and accessible, it’s well worth spending an afternoon reading this document. I appreciate that this report is built on hard data and they include their methodology as well as some suggested courses of action.
Something Peter Campbell talked about but was not covered by the slides or the report is the importance of of having a data breach policy. Security incidents are unavoidable, having a plan in place ahead of time can reduce their frequency, help prevent them from becoming data breaches, and reduce the severity of breaches that do occur.
It’s a gross oversimplification but if you don’t have time to read through here are two things you can do to greatly reduce your chances of a data breach
Educate your staff
Keep your systems updated
The most security incidents are a direct cause of human error within your organization. Sometimes someone clicks on an attachment in a phishing email, others they leave their laptop unattended at a coffee shop, other times people add unsafe machines to the office network, however it happens good education and training can go a long way to mitigate it.
From the report
“We looked at organization demographics to see if one department or user group was more likely than another to fall victim to phishing attacks. Departments such as Communications, Legal, and Customer Service were far more likely to actually open an e-mail than all other departments. Then again, opening e-mail is a central, often mandatory component of their jobs.“
Keeping your systems updated can be a bit of a pain at times, however doing so will shield you from a lot. According to Risk I/0
“We found that 99.9% of the exploited vulnerabilities had been compromised more than a year after the associated CVE [Common Vulnerabilities and Exposures] was published”.
The bulk of hacking that happens can be likened to trawling, they aren’t looking for anything special, just machines. People who are not picky about which system they compromise will go after the easy targets of unpatched machines, why put in the effort to crack an updated machine when there are millions of other easier targets to be had. If someone is looking to compromise your network specifically then in addition to covering technical exploits you will need to watch out for people using social engineering, if you are in this position then you will need to spend a lot of time training everyone in your business.