Tag Archives: civicrm

CiviCRM and the Poughkeepsie Farm Project

Every year since I first started volunteering for the Poughkeepsie Farm Project we’ve had a pow wow in the fall about what would be the right task list for me to try to get ready by the start of the season in May. For the past couple of years all my focus has been on the website.

This year, things are different. While there are still a few things I’m going to do to the website, I’m diving into a brand new space. The PFP, like many organizations it’s size, is largely run by lots of disconnected spreadsheets. A for instance, asking a question about who attended both key fundraising events last year requires hours of effort, as those attendee lists are in completely different formats in different places. So the focus is going inwards, and we’re going to see how much better we can make this with CiviCRM.

CiviCRM is an open source customer relationship manager that attaches to an existing Drupal (or Joomla or WordPress) installation. It can handle donations, membership management, event planning and ticketing (including online payment). It was not where I started the investigation, but when I finally came across CiviCRM, and ran it through it’s paces, I was quite happy with what I saw. I’m also really impressed by the development community, who has been super helpful. I’ve gotten a couple of minor patches in already (and working on some more major ones).

This is going to be a really interesting journey at many levels. To do this right I’m really learning how the internals of a small non-profit works, and how we map the concepts across. We’ve got some good check points in place, and I think reasonable goals on what¬†functionality¬†I can get online this year. It’s probably a 2 year journey before we really take full advantage of what it can do for us. I’ll be writing about this journey here, and also talking about it very regularly at our Hudson Valley Drupal Meetup. So if you are in the area and are contemplating implementing CiviCRM, or have and could share, come out and find us.

Things we sometimes forget

Last night I was reading though the CiviCRM documentation, which is actually incredibly well written for tech docs. I came across the following, which stopped me in my tracks.

Data storage jurisdiction

As mentioned before, CiviCRM can be run from the server or from the cloud. When working with issues around human rights, or if an organisation is gathering sensitive information about a country’s government or its officials, it is quite important to know where your data is stored. This is especially important when data is stored “in the cloud”, when it’s not obvious where the data is physically stored. Not getting into details, it might be good to have detailed information about where the servers are physically located, and which country’s jurisdiction is used in case of governmental requests for information.

Other security concerns

It should be remembered that many successful attempts of unauthorised access don’t have too much to do with IT systems security. It’s often social engineering, physical access to server and client machines or using violence against people who have authorised access to data that are responsible for break-ins. Therefore, making sure that data is secure requires also extensive, on-going training of system users and making sure that they are familiar with all the necessary precautions.

Right. This software is getting used by organizations in countries where governments are actively trying to get this data to stomp out political unrest. While I’d still have to worry about security for my deployments, I don’t have to worry about the worst of this. But for many people, in many parts of the world, this is a real and present danger.

That’s important not to forget.