Partner Program: Operational Security: Keeping Your Devices, Data, and Communications Safe

NOTE: This is a partner program through the National Council of Nonprofits, not hosted by Nonprofit Connect. 
 

This intermediate‑level session builds on foundational operational security concepts and moves into the practical realities of protecting organizational, staff, and client data in real‑world conditions. Following a brief refresher on key fundamentals, participants will explore how nonprofits can strengthen data protection through clear policies, shared expectations, and everyday operational practices. The session focuses on reducing risk across common scenarios such as device loss or theft, staff transitions, heightened public scrutiny, and routine remote or hybrid work.

Participants will examine tradeoffs around using personal devices for work. The session highlights how thoughtful rules, checklists, and staff habits can significantly increase security even with limited resources. Attendees will leave with practical strategies to clarify internal expectations, protect sensitive data, and enhance organizational resilience beyond day‑to‑day operations.

Audience: 
Nonprofit staff, managers, and leaders; anyone who uses devices to communicate, store information, or work with sensitive data.

Meet the Trainer

Patrick Lucey is a program officer for a local Vermont-based non-profit. Previously, however, he worked as a cybersecurity consultant at a small firm based in Berlin, Germany and still maintains the “Certified Information Systems Security Professional” (CISSP) professional certification. Patrick brings over a decade of hands-on experience built entirely through self-teaching and real-world problem solving.