Established in 2016, Marengo Systems Foundation is the nonprofit branch of Marengo Systems. We creatively use new technology to simplify and secure charity IT, often lowering cost as a by-product.
It started at the South Bay WASP - Web App Security Pen-Testers Meetup which Marengo Systems now sponsors. After studying a never-ending history of computer security incidents, we realized there are a few common preventable problems causing security & reliability issues. And many cash-strapped charities don’t taken advantage of recent innovations that lessen these problems. Our goal is to rectify that.
It starts with an audit
We first do an audit of the exising IT: documentation, processes & procedures, asset management, hardware, software, networking, and services. Typically there are three areas for improvement: getting organized, outsourcing to the cloud, and more secure on-premises hardware.
We like The Noflake Manifesto which emphasizes documentation, automation, and version control. The goal is to update IT processes & procedures so that every computing device can be rebuilt without data loss. Upon completion, the charity will have a proper inventory, disaster recovery plan, with the confidence that they can recover whatever the problem.
Outsourcing to the cloud
Charities can’t match Amazon, Google, and Microsoft IT
There’s no way the typical charity can match the world-class cloud IT offered by Amazon, Google, and Microsoft. They have an extensive & growing range of services, continually drive down costs, all while complying with standards like PCIDSS, HIPAA, and more. Using their services dramatically increases charity security, redundancy, and reliability while driving down complexity and costs.
Cloud office products are free
Charities get free/inexpensive office products so there’s little excuse not to use cloud services. Google Apps for Nonprofits is free and Google Apps with unlimited storage and Vault is inexpensive. To understand Google security start with How Google handles your data. Office 365 Nonprofit plans and pricing has details about Office 365 free & paid version capabilities. To understand Microsoft security start with Microsoft Trust Center and specifically Security in Microsoft Office 365 (white paper). Microsoft Product Donations are handled by techsoup.
Other cloud services are incredibly cheap
The Atchai static website uses Amazon S3 and Amazon CloudFront – Content Delivery Network (CDN): “The best part of this high-availability hosting solution that’s served from a global CDN is the cost, clocking in at less than £1 /month in total” (from The CMS is dead. Long live Hugo, Wercker, Prose.io and CloudFront). Static websites are incredibly secure, insanely cheap, and massively scalable.
More secure on-premises hardware
Vendors like Ubiquiti Networks offer inexpensive wireless and routing & switching products, allowing charities to cheaply isolate network traffic and manage their networking devices. Google Chromebooks are not for everybody, but when they fit they can be a big security and cost win.
The end goal
Ideally, the cloud allows a local office to approach the simplicity of a home office: no server infrastructure, leaving only client machines, peripherals, and network devices. While this simplicity is not always realized, outsourcing to the cloud does lead to simpler, more secure, and often cheaper IT. Add local traffic segmentation and secure Chromebooks to dramatically improve end-client security. Simple and secure.
To find out about what we can do for you, give us a call or send us an email.