“After people, data is your most important asset.” — John Kenyon
- Left unattended, databases will turn into piles of mush. Therefore, develop data entry policies and procedures, and train everyone who enters data.
- Excel is not a database, and is one of the leading causes of dirty data. It is difficult to enforce data entry standards in Excel. (like only allowing legal U.S. state codes). And anyone who can update your spreadsheet can see and change anything.
- Someone needs to be in charge of training, user support, and data quality (see #1). At a small organization, this might be a small part of someone’s job. At a large organization, it might need to be a whole department.
- Run backups religiously. Be sure to test them periodically to make sure you can recover data.
- Keep a copy of your data off-site. This can be done by using an online backup service, a vendor that provides offsite storage and retrieval, or even by sending a backup home with a staff member. The latter is risky, however. Data taken off site is subject to theft, loss, copying, and malicious acts by disgruntled employees.
- Do all you can to prevent staff from downloading sensitive data (like social security numbers or credit card data) to laptops or memory sticks. Use encryption on your laptops and memory sticks. Tools like Identity Finder, Proventsure, and SENF will scan your computers for sensitive data.
- Require strong passwords. Do not share passwords. Change passwords regularly.
- Monitor your data entry. Run reports that look for common errors. Identify staff members who repeatedly make errors and provide additional training. If the errors continue, take away their data entry permissions.
- Run your database on a need-to-know basis. Give staff and volunteers access to only the data they need to see or change to do their jobs — but make sure that they do have access to the data they need.
- Make sure your database has enough security options. You should be able to provide read-only access. You might want to have the ability to provide read-only access to just a portion of your data, like names and addresses but not gifts. You should be able to provide update access to only certain portions of your data, like updating addresses but not entering gifts. You should be able to restrict access to functions like posting a gift batch or importing online donations. And you should be able to restrict the ability to run mass updates or delete records.
I love these! You rock Robert. I especially like the tools you mention in #6.
I am one of those people with a terrible memory for passwords. I’d love to hear about any suggestions you have to help people adhere to #7’s advice to change regularly. Storing them in a password protected document? Having them change in an incremental fashion, i.e., fzcg543, fzcg544, fzcg545, etc.?
Thanks for quoting me, I will republish my “Ten Commandments”!
John,
I use RoboForm to manage passwords. I have my own algorithm for creating passwords, but RoboForm can also generate random passwords. The passwords are encrypted and stored on my computer (and I back up my password file along with my other data). I have RoboForm set up so that you need a password to unlock RoboForm — so the passwords aren’t available to anyone who happens to sit at (or steal) my computer.
There are other password managers, some of which are free. I’ve been using RoboForm for ages, so I can’t comment on current competitors. But it rated #1 in this review.
I also heartily agree with Robert’s suggestions. Heartily!! In my work I still often see passwords written on sticky notes attached to computer monitors and passwords that are the vendor’s default password or users’ first names. Ouch! I have additional thoughts about each item that Robert mentions, but I thought it might be helpful for users of Blackbaud’s The Raiser’s Edge software to remember the following points about backups which are specific to that donor database:
Backups should be performed regularly and thoroughly through the Blackbaud Management Console (BMC) on the server. By “thoroughly” I mean:
a. Backups should be run nightly.
b. Check the backup status in the BMC regularly, at least monthly. It is not uncommon for Blackbaud backups to stop running on schedule.
c. Manual backups should be run on the BMC before any large imports or global changes.
d. Ensure the manual and scheduled backups do not build up on the server and create the risk of filling the hard drive. Today’s servers should be large enough to save at least one week of compressed backups, but more copies than this are probably too much.
e. The “backup” the BMC makes should be copied to tape or some other portable media.
f. Portable media should be stored off-site. Fire-proof safes onsite should not be considered acceptable alternatives. Also consider the security of data stored off-site to ensure it does not fall into the wrong hands or improper use.
g. Backup media should be rotated. Never copy a new backup on top of the most recent backup.
h. Backups should be tested at least quarterly to ensure the entire backup process is working. Start by restoring from the backup media to ensure the entire backup process is working, including the copy to the external media stored off-site. Be extremely careful that you do not overwrite your current data in the process. More detailed and the most up-to-date procedures for testing backups can be found in the Blackbaud Knowledgebase (kb.blackbaud.com).
i. At a minimum, have a disaster recovery plan for restoring the backed-up data from the portable media should the backup machine, software and server be lost.
Please note with your IT staff that Blackbaud has stated that they can and will only provide support for backups—and more importantly, restoring backed-up data—that are made through the Blackbaud Management Console. Backups made using Microsoft SQL Server tools and “live” backup agents for your network backup software are not supported by Blackbaud and therefore are not recommended, or should at least be used in addition to backups made through the BMC.