Perhaps it's not a coincidence that the September National Preparedness Month is followed by National Cyber Security Awareness Month. Organized by the National Cyber Security Alliance, it aims to educate users in the home, business, and school environments about healthy and secure computing habits.

Barbara has blogged here before about the new TechSoup Limited offerings available to nonprofits and libraries on a limited basis. It was just brought to my attention that there are four TS Limited products that organizations and libraries are allowed to re-distribute to their constituents, members, and individual supporters.

Our donor partner, PC Tools has made their Internet Security, Registry Mechanic, Spyware Doctor, and famous Spyware Doctor with Antivirus broadly available to nonprofits and libraries — and now to your members and users as well. 

Each of the three products includes 3 licences that can be installed on 3 different machines (for a total of 9 installations) so not only can your organization use their spyware, antivirus, and registry cleaning tools to keep your computers functioning well, but you can share them with the individuals you serve. According to the restrictions:

Does your organization have a plan to keep your technology, data, and assets protected in the event of an emergency or disaster? What if it's not an actual disaster like a hurricane or flood, but a staff member simply loses or breaks a laptop carrying essential supporter data? How much time or money might your organization spend trying to recover even a fraction of what's been lost? If these questions have crossed your mind and your answers are less than ideal, you should join us for our two-part webinar series on disaster planning to protect your technology.

Join me on Thursday, August 20 at 11 a.m. Pacific as I interview nonprofit tech expert Chris Shipley from Nutmeg Consulting and Elliot Harmon, TechSoup staff writer and editor of our soon-to-be-released The Resilient Organization: A Guide for Disaster Planning and Recovery. We'll also be joined by Michelle Baldwin, Executive Director of Volunteers in Service to Others, which runs the Cooke County emergency food bank. They experienced a flood two years ago and she'll be offering advice for other nonprofits trying to plan ahead.

TechCrunch, the popular technology blog, just published a survey and matrix on some online apps to share large files. We had a forum thread on a similar topic a few weeks ago, and as the responses in the blog post and forum thread suggest, there is no clear "winner" in this field, and the best tool for you will depend on your organization's needs.

Back in March we blogged aobut how URL-shortening services could pose a threat on social networking sites such as Twitter. The Wall Street Journal blog is now reporting that they may be doing something about it.

Although Twitter hasn't officially responded, the blog is reporting that tweets with links to suspicious sites will be deleted, with a message "Oops! Your tweet contained a URL to a known malware site!."

The recent theft of confidential documents from Twitter's Google Docs account points out the dangers of insecure passwords. NTEN's blog discusses the details of the break-in and lessons we should learn from it. The chief lesson: good passwords are key to good security. 

A 2007 NTEN post provided suggestions and resources for creating strong passwords and establishing a password policy.  More recently, Slate.com published an article called Fix Your Terrible, Insecure Passwords in Five Minutes with general password tips and a clever algorithm for developing strong passwords. You can also look at TechSoup's Security Corner for more tips, articles, blog posts, and resources on securing your information. 

Photo: Paul Linton

The front-page headlines read "Hacker steals Twitter's confidential documents," but the real story isn't about Twitter — it's that the stolen documents were stored online, "in the cloud." This could happen to any nonprofit or company storing data this way. As we've seen over and over, it's amazingly easy to guess or steal passwords. And anyone who gets access to the password of an employee with access to those online files gets access to all files shared with that employee. This can happen with internal network passwords as well, but there are differences:

• IT staff can require secure passwords for their own networks and email systems. They can't control the password requirements for web-based email accounts or cloud computing apps.
• IT staff can require employees to change their network passwords regularly. They can't do that for cloud apps.
• IT staff can test the security of passwords on their own networks. Do they do that with their employees' Google Doc passwords?
• IT can disable email and network accounts for former employees. Does anyone think to disable those employees' access to docs in the cloud?
  
  • Read more

Have you ever checked out TechSoup's Disaster Planning and Recovery Toolkit? It's a good place to turn for any organization whose tech infrastructure has suffered a disaster, natural or otherwise. We're overhauling the manual and toolkit, and we need your help!

If you have ten minutes to spare, please take our Emergency Preparedness Survey for Nonprofits and Public Libraries. Even if you haven't been impacted by a disaster, your input is still important. We want to learn what steps organizations are going through to protect their computers and data, even if they've been fortunate enough not to experience a disaster.

The survey is completely confidential, but if you are interested in sharing more information, we're also looking for people to interview about their own experiences in disaster preparation and recovery. The survey will give you the opportunity to express your interest in further participation.

We will select one respondent at random to receive a $25 Amazon.com gift certificate. Respond by July 10 to be eligible for the drawing. Please forward this survey to your colleagues at nonprofits, NGOs, or libraries. The survey is open to organizations anywhere in the world.

Photo: Random McRandomhead, CC license

If you're a ThinkPad user, you may have noticed for some time now that the ThinkVantage System Update (TVSU) feature is no longer available for your laptop. TVSU is a tool that automatically checks for, downloads, and installs the latest updates for your computer. Up until now, updating drivers and software on the ThinkPad has been a breeze: just a click of a button and the update tool took care of the rest.

However, as of late March this year, ThinkPad users have been unable to run TVSU on their ThinkPads. With the TVSU feature gone, users are now forced to look for new updates themselves and install them on their machines manually. For advanced users like me, this isn't such a big deal. But if you're a novice user, obtaining some of these new updates isn't always as straightforward as simply downloading them to your ThinkPad. Often some additional steps are required for you to successfully install these updates on your laptop; steps that might include "unpacking" the file after you download it, followed by running the "executable" to complete the installation process. For busy nonprofit staff, who may not be advanced users, these steps can prevent necessary updates altogether.

The beauty of TVSU was that it easily handled all of these steps automatically for you. For me, this actually made the process of updating my W500 ThinkPad enjoyable. But without TVSU, keeping a ThinkPad up to date has now become a chore. Users must now take the time to visit a Lenovo Downloads and Drivers page in order to manually keep track of and install the latest updates available for their ThinkPads.

Did you attend last week's NTC and missed out on some sessions? I know I wish I could have been cloned.

Even if you didn't attend any of the sessions some of the speaker presentations are available on the NTEN Web site, including the one that Becky and I did, From Basic to Advanced: Trends, Tools and Tales to Ensure Basic Nonprofit Security.

So check it out and catch up on the topics that you may have missed at NTC. Maybe it will help tide you over until next year's NTC in Atlanta, Georgia.