Summary

The Minnesota Council for Non Profits presentation Security on a Shoestring Budget by Matthew J. Harmon and Natascha E. Shawver delivers practical guidance for nonprofit organizations to improve their security posture without large investments. It frames security as a mission enabler rather than a cost center and stresses that common-sense controls can dramatically reduce risk.

Security Concepts

The presenters begin by defining core information-security concepts: impact, risk, threats, vulnerabilities, and controlsto build a shared vocabulary. They emphasize why nonprofits must care about security, listing potential losses (reputation, funding, productivity, legal liability) that imperil organizational missions. By demystifying terms and highlighting that security is more than just computer stuff, they prepare attendees to tackle specific, budget-friendly measures.

Actions

The heart of the talk is a prioritized bare necessities checklist of seventeen actions tailored for resource-constrained environments. Starting with secure password management and asset inventories, it moves through network hardening (firewalls, patching, wireless security), malware defenses, automated backups, and principle-of-least-privilege user controls. It rounds out with training, policies, disaster-recovery planning, and vendor oversight. Each step is designed to be actionable with free or low-cost tools, enabling nonprofits to take incremental, sustainable strides toward resilience.

Presentation

Security on a Shoestring Budget