I’ve just been chatting with a CC member – let’s call him ‘Fred’ – who is setting up a wordpress.org-based site for his CC. Among other things, we touched on a continuity issue – basically, what happens if the CC webweaver suddenly becomes unavailable? I believe that many CCs have a single ‘IT member’ who is responsible for everything digital – including setting up email accounts on his or her colleague’s devices, administering websites, communicating via any social media or ‘traditional’ digital channels the CC uses (that is, the CC’s main email account) and so on.
Of course, I could be painting a worst-case picture here, although Fred, who works in digital communication, makes the very valid suggestion that the worst possible case is a stale, out-of-date online presence. That is, an organisation that has fumbled the e-communication ball may look worse than one that hasn’t – yet – joined the game. But I digress, so back to the plot.
All these channels will have login details, probably an email address or username along with a password. Ideally they will all be different, especially the passwords. But that just adds to the problem of what to do if the webweaver falls under a tram. How can someone else take over without being able to log in? The obvious answer is that more than one person should know the login details – let’s call these people ‘backup bods’. But that places the backup bods under an obligation to remember or store login details safely. And if the webweaver ever changes the passwords, then he or she will need to ensure that the backup bods know these changes, as well as ensuring that the people and devices that use them get updated too.
And that could be a logistical nightmare. In the early 2000s, I set up a website and emails for a local Fairtrade body. I spent a lot of time helping people set up extra email accounts on their devices, dealing with all sorts of cranky email clients. And because some of my colleagues lived far out of town, I spent quite a while getting to and from them. It was an education in technology and people – and probably good for me because getting to my out-of-town colleagues involved cycling up a lot of hills. Back to the plot again.
A better answer to the ‘how can someone else take over?’ question is that login details should automatically become available when this is necessary. Let’s assume that the backup bods are the CC’s office-bearers and the webweaver is the secretary – and that he or she has just gone to the great CC meeting in the sky. So it’s necessary for the new secretary to take over the firstname.lastname@example.org email account, and start maintaining the website. How can they do so without knowing the login details for these channels?
The best solution I’ve come across is that the surviving office-bearers can contact an online place-of-safety which will then email them the full set of login details. It will also allow them to add the new secretary-webweaver to this group. Finally, if passwords are changed – which should happen immediately after office-bearers change – then the system also automatically informs the updated group about these changes.
Another digression – why should passwords be changed? Not to limit the time that a cybernasty has to do bad things but mostly so that the CC can demonstrate that it ensures that only appropriate people can access the CC’s data – especially data pertaining to people outside the CC.
The anticlimax for this post is that I can’t actually tell you any details of how to implement this online place-of-safety. The example I’ve been told about is based on Google-provided facilities, but I’ve not been able to wheedle any more details or find any more details myself. Bah!