IT GUIDE

Learning Document

August, 2024

IT Desk
NATIONAL SPIRITUAL ASSEMBLY OF THE BAHA’IS OF UGANDA
Table of Contents
INTRODUCTION.....................................................................................................................................1
INTERNET AND NETWORK BASICS.........................................................................................................2
IT INFRASTRUCTURE OVERVIEW............................................................................................................3
OFFICIAL COMMUNICATION PLATFORMS AND CHANNELS...................................................................7
DATA MANAGEMENT..........................................................................................................................15
MONITORING AND MANAGING ONLINE PRESENCE............................................................................21
CONCLUSION AND ADDITIONAL RESOURCES......................................................................................24

1
INTRODUCTION
This guide is prepared by the IT Desk on behalf of the National Spiritual Assembly of the Baha'is of
Uganda and it is aimed at empowering individuals with the knowledge and tools necessary to
harness the transformative power of technology in their personal and professional endeavours.

In today's interconnected world, where the internet serves as both a gateway to boundless
opportunities and a potential source of threats, understanding the principles of proper internet
usage and network security is paramount.

As we increasingly rely on the internet for communication, entertainment, and information, the
importance of safeguarding our online presence cannot be overstated. From protecting personal
data to defending against cyber threats, adopting best practices in internet usage and network
security is essential for individuals, agencies, and institutions alike.

In this guide, we will explore fundamental concepts such as password management, safe browsing
habits, secure communication practices, and the importance of software updates. Additionally, we
will delve into more advanced topics including encryption techniques, malware detection, and
strategies for mitigating cyber attacks.

 Understanding the importance of proper usage

The internet has revolutionized the way we communicate, work, learn, and interact with the world
around us. However, with this unprecedented level of connectivity comes inherent risks. From cyber
threats to privacy concerns, the importance of practicing proper internet and network usage cannot
be overstated. By understanding the potential risks and adopting best practices, individuals can
safeguard themselves and their data from harm.

 Risks associated with internet and network use

In our interconnected world, the internet is teeming with potential threats ranging from malware
and phishing scams to identity theft and cyberbullying. Without proper precautions, users may
inadvertently expose themselves to these risks, leading to financial loss, reputational damage, or
even personal harm. It's essential to recognize these risks and take proactive measures to mitigate
them.

 Goals of the guide

The primary goal of this guide is to empower individuals, agencies and institutions with the
knowledge and tools necessary to navigate the internet and networks safely and responsibly. By
providing insights into the potential risks, offering practical advice, and outlining best practices, we
aim to help develop a deeper understanding of proper internet and network usage. Ultimately, our
goal is to foster a culture of digital citizenship where individuals can harness the power of the
internet while protecting themselves and others from harm.

INTERNET AND NETWORK BASICS

Internet and network basics include the foundational concepts and components that form the
infrastructure of the internet and enable communication and data exchange between devices.

2
As individuals, agencies and institutions it is crucial to understand internet and network basics
because these internet and network basics provide a solid foundation for navigating the complexities
of modern communication and information exchange on the internet.

 Internet

The internet is a global network of interconnected computers and devices that communicate with
each other using standardized protocols. It allows users to access and share information across vast
distances almost instantaneously.

 Network

A network is a collection of devices such as computers, servers, routers, switches, and printers
interconnected to share resources and information. Networks can be categorized based on their
geographic scope.

Local Area Network (LAN); A network confined to a small geographic area, such as a home, office, or
campus.

Wide Area Network (WAN); A network that spans a large geographic area, often connecting multiple
LANs across cities, countries, or continents.

Wireless Local Area Network (WLAN); A type of LAN that uses wireless communication technologies,
such as Wi-Fi, to connect devices.

 Firewalls

Firewalls are security devices or software applications that monitor and control incoming and
outgoing network traffic based on predetermined security rules. Firewalls help protect networks
from unauthorized access, malware, and other security threats.

Network security

Firewalls. These are systems that monitor and control incoming and outgoing network traffic,
blocking unauthorized access.

Encryption. This is the process of converting plaintext data into unreadable ciphertext to protect it
from unauthorized access.

Authentication. This is the process of verifying the identity of users, devices, or systems.

Access control. This is the process of restricting access to network resources based on user identity,
role, or permissions.

IT INFRASTRUCTURE OVERVIEW
A robust IT infrastructure is foundational to the efficient operation of any organization. This section
provides an overview of the key components of IT infrastructure, focusing on hardware and software
management, including servers, network devices, end-user devices, operating systems, and various
software applications.

Hardware Management

3
Effective hardware management ensures that all physical components of the IT infrastructure are
functioning optimally, are well-maintained, and meet the organization's needs.

The key aspects of hardware management

1. Server management

Server management refers to the process of monitoring and maintaining servers to ensure they
operate at peak performance. It involves a range of tasks, including hardware and software
configuration, monitoring, security updates, and troubleshooting, to guarantee the correct
performance of different types of servers, such as web servers, database servers, and file servers.

Types of servers

Physical servers. These are dedicated machines that provide services such as file storage, web
hosting, email management, and application hosting. They may include rack servers, blade servers,
and tower servers.

Virtual servers. These are software-based environments that simulate the functionality of physical
servers, offering flexibility and resource efficiency. They are managed using hypervisors like VMware,
Hyper-V, or KVM.

Server maintenance

Regular updates ensuring that the operating systems and applications on servers are regularly
updated to address security vulnerabilities and improve performance.

Monitoring by implementing monitoring tools (e.g., Nagios, Zabbix, SolarWinds) to track server
performance, uptime, and resource utilization.

Backup and redundancy by establishing backup protocols and redundancy measures configurations,
failover clusters, and offsite backups to protect against data loss.

2. Network devices

Network devices are hardware components that connect to a network to facilitate communication,
data transfer, and routing between devices. They play a crucial role in building and maintaining a
computer network, allowing devices to communicate with each other and share resources.

Types of network devices

Routers. These are devices that route data between different networks, directing traffic efficiently.

Switches. These are devices that connect multiple devices within the same network, facilitating
communication between them.

Firewalls. Are security devices that monitor and control incoming and outgoing network traffic based
on predetermined security rules.

Access points. These are devices that allow wireless devices to connect to the wired network,
providing Wi-Fi connectivity.

Device management

Configuration by properly configuring network devices to ensure they perform optimally and
securely. This includes setting up VLANs and other networking protocols.

4
Security by implementing strong security measures such as secure passwords, disabling unused
ports, and using firewalls and intrusion detection/prevention systems.

Monitoring and troubleshooting by using network management tools to monitor network traffic,
detect issues, and perform troubleshooting.

3. End-user devices

End-user devices are hardware components that allow individuals to interact with a computer
network, access resources, and perform various tasks. These devices are typically used by end-users,
such as staff to carry out their respective responsibilities.

They include the following

Computers

Desktop computers which are workstations used by staff for day-to-day tasks. Management includes
hardware upgrades, software installations, and troubleshooting.

Laptops which are portable computers for mobile staff. Management involves ensuring they have
adequate security and that they are regularly updated.

Printers and peripherals

Printers which are managed by ensuring proper drivers are installed, performing regular
maintenance (e.g., replacing cartridges, cleaning), and troubleshooting printing issues.

Scanners, Projectors, and other peripherals which are managed by ensuring compatibility with
systems, regular maintenance, and proper connectivity to the network or individual computers.

Inventory management

Asset tracking by keeping an accurate inventory of all end-user devices to track usage, warranties,
and lifecycles.

Procurement by ensuring that new devices are procured based on the Faith’s needs, with
considerations for cost-effectiveness, performance, and compatibility.

Software management

Software management refers to the process of planning, designing, implementing, and maintaining
software applications to meet the needs of an organization. It involves managing the entire software
lifecycle, from development to deployment, to ensure that software systems are efficient, effective,
and aligned with objectives of the organisation.

This includes operating systems, productivity software, and specialized applications.

1. Operating systems

Operating Systems (OS) are software that manage computer hardware resources and provide a
platform for running applications. They act as an intermediary between computer hardware and
user-level applications, controlling the allocation of system resources such as memory, CPU time, and
storage.

Types of operating Systems

5
Windows which are commonly used on desktops and servers within the organization, known for its
user-friendly interface and wide range of supported applications.

Linux which are often used on servers due to its stability, security, and cost-effectiveness, as well as
on desktops for users needing specialized applications.

MacOS which are used primarily by creative professionals within the organization, known for its
robust performance and integration with other Apple products.

Operating systems management

Installation and configuration through properly installing and configuring operating systems to
ensure compatibility with hardware and software.

Updates and patch management by regularly applying updates and security patches to protect
against vulnerabilities and improve performance.

Security settings by implementing security configurations such as firewalls, encryption, and user
account controls to protect against unauthorized access.

2. Productivity software

Productivity software refers to a type of software that helps individuals and organizations manage
their time, tasks, and resources more efficiently, thereby increasing their productivity. These tools
enable users to streamline their workflows, prioritize tasks, and collaborate with others to achieve
their goals.

They include software such as;

Office suites

Tools like Microsoft Office, LibreOffice, or Google Workspace that provide essential applications such
as word processing, spreadsheets, presentations, and email.

Communication tools

Software like Microsoft Teams, Slack, and Zoom that facilitate internal and external communication.

Management of productivity software

Licensing and compliance by ensuring that all productivity software is properly licensed and
compliant with relevant regulations.

Updates by regularly updating software to ensure access to the latest features and security
improvements.

User training by providing training for staff on how to effectively use productivity tools to maximize
efficiency.

3. Specialized Applications

Specialized applications are software programs designed to perform specific tasks or functions, often
requiring unique expertise or knowledge. These applications cater to specific industries, professions,
or activities, and are typically used by professionals, businesses, or organizations.

Types of specialized applications

6
Database management systems. Software such as MySQL, PostgreSQL, or Microsoft SQL Server used
to manage and interact with large datasets.

Customer relationship management (CRM) Systems. Tools like Salesforce or HubSpot used to manage
interactions with donors, volunteers, and other personnels.

Content management systems (CMS). Platforms like WordPress or Joomla used to manage the
organization’s website and online content.

Application management

Installation and configuration by ensuring that specialized applications are properly installed and
configured to meet the Faith’s needs.

Integration with other systems. Facilitating seamless integration between specialized applications
and other systems used by the Faith.

Support and maintenance by providing ongoing support for specialized applications, including
troubleshooting issues, performing updates, and ensuring compatibility with other software and
hardware

Proper management of both hardware and software components within the IT infrastructure ensures
that the Faith operates smoothly and securely. Regular maintenance, updates, and monitoring are
critical to maintaining the efficiency and effectiveness of the IT environment.

OFFICIAL COMMUNICATION PLATFORMS AND CHANNELS

Official communication platforms and channels serve as the backbone of internal communication,
enabling the exchange of information among individuals, agencies and institutions and collaboration
on projects of service.

1. Emails

Email has remained one of the most widely used forms of official communication within our agencies
and institutions. It allows for formal correspondence, sharing of documents, and coordination among
the friends.

As per guidance from the NSA, there has been a creation of official email addresses for the various
agencies, institutions and individuals serving in the different capacities. These official emails vary
from other emails in that they have a specific domain name as bahaiug.org different from the other
emails whose domain is usually gmail.com.

Why create official emails?

Official email addresses convey a sense of professionalism and credibility. These email addresses are
typically hosted on secure servers with robust cybersecurity measures in place. This reduces the risk
of unauthorized access, data breaches, and email spoofing compared to using personal email
accounts.

Using official email addresses enables centralized communication within the different agencies and
institutions and they facilitate documentation and record-keeping of important communication.

7
Official emails further ease the transition of the email address to new staff should the need ever
arise since they contain records of all the previous communications carried out using that particular
address thus streamlining the communication process.

Structure of Official emails

The official emails are of 2 different types all combined into 1. First, there is the address that ends
with the bahaiug.org domain. Its format is usually the name of the institution/agency and then the
domain such as; [email protected]

example = institution/agency

@ = symbol

bahaiug.org = domain name

This email has its own work space where emails can be retrieved and sent from and the space looks
as shown below;

Ideally, official communications could be carried out using the above workspace but due to the
unfamiliarity with the workspace there arose the need to link the official emails to Gmail addresses
to serve as a workspace.

Using the above example, a Gmail address is created; [email protected] which is then linked with
the official address of [email protected]. It is crucial to note that the Gmail address is not the
official email but rather acts as a workspace where the communications are retrieved and send from.

8
Process of linking the addresses

The process of linking the addresses is comprised of various steps as shown below;

Create the official email address and host it

Create the Gmail address which should be in the format of the official email

Open the settings on the Gmail address

Add the official email account on the Gmail account

Confirm the link in the official email inbox

9
Set the official email on default

It is important to also note that despite having the Gmail account linked with the bahaiug.org
account, the former is not the official address for communications but rather provides a workspace
for the communications.

Email Security

These measures taken to protect email accounts, communication, and data transmitted via email
from unauthorized access, interception, and malicious attacks.

Institutions and agencies need to ensure email security in order to safeguard the confidentiality,
integrity and protect against malware.

 Confidentiality

Emails often contain sensitive information and if intercepted by unauthorized individuals, this
information can be exploited for malicious purposes, leading to identity theft, financial loss, or
reputational damage.

 Integrity

Ensuring that emails are not tampered with during transit is essential. Hackers may attempt to alter
the content of emails to deceive recipients or manipulate transactions. Email security measures such
as encryption and digital signatures help maintain the integrity of messages.

 Protection against malware

10
Emails are a common vector for distributing malware such as viruses, ransomware, and trojans.
Effective email security solutions include antivirus scans and sandboxing techniques to detect and
quarantine malicious attachments or links before they can harm the recipient's system.

How to ensure email security within our agencies and institutions?

 Authentication

This involves the verification of the identity of both the sender and the recipient. It is vital for
preventing email spoofing and phishing attacks. Without proper authentication mechanisms in place,
malicious actors can impersonate legitimate senders or create fake accounts to deceive users into
divulging sensitive information or executing malicious actions.

In order to ensure strong authentication, it is paramount to use multi-factor authentication since it

helps to add an extra layer of security beyond passwords.

Multi-factor also known as two-factor or two-step verification is a security system that requires users
to provide two or more forms of verification before gaining access to their supposed accounts. The
process may involve the need to enter a password, use a code generated from the authenticator app
of the phone and the use of biometric identifiers unique to each individual.

 Deploy anti-malware solutions

Install and regularly update anti-malware software to scan incoming and outgoing emails for
malicious attachments or links. This helps prevent malware infections and reduces the risk of
spreading malware to other users.

2. Websites

Websites serve a vital role when it comes to conveying official communications. They offer a reliable
and centralized platform for disseminating information, engaging with the wider communities, and
providing services.

Currently the National Spiritual Assembly of the Baha’is of Uganda has one official website managed
by the office of external affairs in collaboration with the IT support of the National Secretariat. There
is another website dedicated to individuals applying for service that is also under development.

Apart from that, the Bahai international community has websites that are used by the different
Baha’is around the world.

11
Content generation for the official websites.

In order to effectively convey our online presence, the need to get up-to-date content to be
uploaded on the website is a point of importance. In doing so the following have to be put into
consideration in regards with the website;

 Establish and maintain high-quality standards for all content. This includes well-written,
error-free text, high-resolution images, and professional videos.
 Ensure that content is relevant to our audience's needs and interests. This involves
understanding our audience and tailoring content accordingly.
 Include a mix of content types such as articles, images, videos, and audios to cater to
different audience preferences.

In order to ensure the above, the team charged with management and update of the websites needs
to conduct appropriate steps aimed at ensuring the approval of content;

 Implement a content approval process. Content should be reviewed for accuracy,

compliance, and quality before publication.
 Clearly define roles and responsibilities for content creation, review, and approval. This
includes assigning editors, fact-checkers, and subject matter experts.
 Regularly update content to keep it current and relevant. This includes news, product
information, and other essential updates.
 Develop a system for archiving outdated content while ensuring it remains accessible for
reference if needed.

Accessibility and Inclusivity of the official websites

Ensuring accessibility and inclusivity on the official websites is essential for reaching a broader target
audience and providing an equitable user experience for everyone, including individuals with
disabilities. Here are some steps that will help ensure accessibility and inclusivity of our official
websites.

1. Design and layout

The website team must ensure that our website is fully responsive, meaning it works well on all
devices, including desktops, tablets, and smartphones.

12
The need to use consistent navigation throughout the site to help users understand and predict
where they are and how to get to where they need to go.

The team should further ensure sufficient contrast between text and background colours to make
content readable for users with visual impairments. Use legible fonts and appropriate font sizes.

2. Inclusive Content

Inclusive language that is free from bias, stereotypes, and discriminatory language should be
implemented and used. This makes all users feel welcome.

The team should ensure that images, videos, and other media reflect a diverse range of people and
situations.

The content should be provided in multiple formats (e.g., text, audio, video) to cater to different
preferences and needs.

3. Training and Awareness

There should be training for the web development and content creation teams on accessibility
standards and inclusive design principles.

This training and awareness are crucial components in ensuring that web development and content
management teams understand and apply best practices for accessibility and inclusivity

Provide comprehensive initial training for all team members involved in web development and
content management. Cover topics such as accessibility standards (e.g., WCAG), inclusive design
principles, and relevant legal requirements.

Implement regular training sessions to keep the team updated on new technologies, standards, and
best practices. This could be in the form of workshops, webinars, or online courses.

3. Social media channels

Social media channels are increasingly being utilized as official communication platforms. These
channels offer a wide array of benefits and functionalities that enhance an organization's ability to
connect with various individuals.

Currently the National Spiritual Assembly of the Baha’is of Uganda has some official social media
platforms such as the official X page @bahaiug and other various WhatsApp groups where different
communications are conveyed.

13
All these channels are essential due to their various advantages and benefits as platforms for
conveying official communications. Here are some of the most notable advantages of using these
channels;

 Enhanced reach and accessibility

 Real-time communication
 Engagement and interaction
 Cost-effective communication

Best practices for using social media as an official communication platform

Clear communication policies by developing and enforcing social media policies that guide the
creation and management of content, ensuring professionalism and consistency.

Engage responsibly by responding promptly to comments and messages, maintaining a respectful

and constructive tone.

Transparency and authenticity by being transparent about organizational updates and developments,
and ensure that communications are authentic and trustworthy.

Monitor and moderate by regularly monitoring social media channels for feedback and engaging
with the friends and audience, while also moderating comments to prevent misinformation and
inappropriate content.

Consistent branding by ensuring that all social media profiles are consistently branded with the
organization’s logo, colours, and messaging.

Social media security

Social media security is crucial for protecting personal information and maintaining privacy in an
increasingly connected world. Here are some of the ways that can be used to uphold social media
security.

Privacy settings

Adjust the privacy settings on each social media platform to control who can see your posts, profile
information, and contact details. Avoid sharing sensitive information like your home address, phone
number, or financial details.

Password security

Use complex and unique passwords for each social media account. Enable two factor verification for
an additional layer of security.

Be cautious with links and downloads

Be wary of clicking on suspicious links or downloading files from unknown sources. Ensure your
devices are protected with up-to-date antivirus software.

Monitoring and alerts

Regularly monitor your account activity for any unusual behaviour. Set up alerts for login attempts
and other important actions to stay informed about potential security issues.

Social engineering awareness

14
Be cautious of unsolicited messages asking for personal information or urging you to take immediate
action. Confirm the identity of people you interact with, especially if they ask for sensitive
information.

Safe browsing practices

Safe browsing practices are essential for protecting your personal information and maintaining your
online security.

 Use strong, unique passwords to ensure your passwords are complex and unique for each
site. Use a mix of letters, numbers, and special characters.
 Enable Two-Factor Authentication and whenever possible, enable 2FA to add an extra layer
of security to your accounts.
 Keep software updated by regularly updating your operating system, browsers, and other
software to protect against the latest security threats.
 Be wary of phishing scams and do not click on links or download attachments from unknown
or suspicious emails. Verify the sender's identity if in doubt.
 Use secure connections to ensure the websites you visit use HTTPS, which indicates a secure
connection.
 Install and update antivirus software and use reputable antivirus software and keep it
updated to protect against malware and other threats.
 Regularly back up data since regular backups can protect your data from loss due to
malware, hardware failure, or other issues.
 Limit personal information sharing by being cautious about the amount and type of personal
information you share online, especially on social media.
 Monitor your accounts by regularly checking your online accounts and bank statements for
any unusual activity.

Password management

Strong password management is critical for safeguarding your accounts and sensitive information.

Guidelines for proper password management

 Create strong passwords by using a combination of uppercase and lowercase letters,

numbers, and special characters. Avoid using easily guessable information like birthdays or
common words.

 Use a password manager by incorporating tools like LastPass or Bit warden which can
securely store and manage your passwords, reducing the risk of forgetting them or using
weak passwords.

 Enable Two-Factor Authentication, whenever possible, enable 2FA on your accounts. This
adds an extra layer of security by requiring a second form of verification, such as a code sent
to your phone.

 Change passwords regularly through updating your passwords periodically and avoid reusing
the same password across multiple accounts.

 Do Not share passwords. Never share your passwords with others, and be cautious of
phishing attempts that try to trick you into revealing your login credentials.

Secure communication

15
Maintaining the confidentiality and integrity of our communications is vital to protecting sensitive
information and maintaining trust.

Secure communication methods

 Use encrypted Email, for sensitive or confidential information, use email encryption tools to
ensure that only the intended recipient can read the message.

 Use encrypted messaging apps. Apps like WhatsApp offer end-to-end encryption, making
them suitable for secure messaging.

 Be aware of phishing attacks. Be vigilant against emails or messages that attempt to trick you
into providing sensitive information. Look for red flags such as unfamiliar senders, urgent
language, or unexpected attachments.

 Verify recipients before sending sensitive information, double-check the recipient's email
address or phone number to ensure it is correct.

Mobile device security

Mobile devices are an integral part of our daily work, but they also pose significant security risks if
not properly managed.

Tips for securing mobile devices

 Use a strong passcode or biometric lock. Ensure that your device is locked with a strong
passcode, fingerprint, or facial recognition to prevent unauthorized access.

 Keep software updated. Regularly update the device's operating system and apps to protect
against vulnerabilities.

 Install antivirus software. Use reputable antivirus apps to scan for and protect against
malware.

 Enable remote wipe. In case your device is lost or stolen, ensure you have the ability to
remotely wipe the data to prevent unauthorized access.

 Be Cautious with App Permissions: Review the permissions requested by apps and only grant
access to what is necessary. Avoid downloading apps from untrusted sources.

Public Wi-Fi safety

Public Wi-Fi networks are convenient but can be a security risk if not used carefully.

Best practices for using public Wi-Fi

 Avoid accessing sensitive information. Refrain from accessing sensitive accounts, such as
email or online banking, when connected to public Wi-Fi.

 Use a VPN: A Virtual Private Network encrypts the internet connection, making it safer to use
public Wi-Fi. Ensure that the VPN is enabled whenever you connect to an unsecured
network.

 Forget the network after use. After using public Wi-Fi, disconnect and forget the network to
prevent your device from automatically reconnecting in the future.

16
  Disable File Sharing: Ensure file sharing and Airdrop are turned off to avoid unauthorized
access to your files.

DATA MANAGEMENT
This is a process of collecting, storing, organizing, and maintaining data in a way that ensures its
accuracy, accessibility, reliability, and security. It is a broad discipline that encompasses various
practices, tools, and policies aimed at efficiently handling data throughout its lifecycle—from
creation or acquisition to disposal.

Data is one of our most valuable assets, and protecting it is crucial to any organization’s system.

Data backup

Data backup is the process of creating copies of data to protect against loss, corruption, or disaster.
Backups are a critical component of an organization's data protection strategy, ensuring that
important data can be restored in case of accidental deletion, hardware failure, cyberattacks, or
other unforeseen events.

Types of data backups

1. Full backup

A complete copy of all data since it simplifies the restoration process since all data is contained in a
single backup.

It requires more storage space and takes longer to complete. It is typically performed on a regular
basis (e.g., weekly) as part of a broader backup strategy.

2. Incremental backup

Copies only the data that has changed since the last backup (whether full or incremental). It Requires
less storage space and time compared to full backups.

Restoration may take longer because it requires combining the full backup with all subsequent
incremental backups. It is often performed daily or even more frequently to minimize the amount of
data lost between backups.

3. Differential backup

Copies all data that has changed since the last full backup. It is faster restoration compared to
incremental backups since only the full backup and the latest differential backup are needed.

Requires more storage space and time than incremental backups and it is commonly used in
conjunction with full backups as a compromise between full and incremental backups.

4. Mirror backup

An exact copy of the source data, stored in real-time. It involves immediate data recovery and
synchronization with the source data.

If data is accidentally deleted or corrupted on the source, it is also deleted or corrupted on the
mirror. It is used when immediate recovery is critical, such as in high-availability systems.

Methods of backing up data and best practices

17
  Use cloud storage by regularly backing up important documents and files to secure cloud
storage platforms like Google Drive or OneDrive.

 Schedule automatic backups by setting up automatic backups on your devices to ensure that
data is regularly and consistently backed up.

 Use external drives since they will provide an extra layer of security, consider backing up
important files to an external hard drive or USB drive. Store these in a secure location as
well.

 Test the backups through periodic tests to ensure that they can be successfully restored in
the event of data loss.

 Encrypt backup data by ensuring that the backup data is encrypted, especially if it contains
sensitive information.

 Maintain backup logs since keeping detailed logs of backup activities helps track what data
has been backed up, when, and where it is stored.

 Regularly review and update backup policies since data needs and technologies change over
time, so backup policies must be updated to reflect current requirements and best practices.

 Follow the 3-2-1 Rule by maintaining at least three copies of your data (the original and two
backups), store the copies on two different media, and keep one backup offsite. This will help
to ensure redundancy and protect against different types of data loss.

Data retention and archiving

Data retention

Data Retention refers to the policies and processes that determine how long data should be stored
before it is deleted or archived. The retention period is usually defined by legal, regulatory, or
business requirements.

Key aspects of data retention

Retention policy

A documented policy that specifies how long different types of data must be retained.

The purpose of this is to ensure that data is kept for the appropriate length of time, balancing the
need for accessibility with storage costs and legal requirements.

Retention periods

The specific amount of time data must be kept before it can be deleted or archived.

Some examples here include;

Financial records are typically retained for 7 years.

Employee records may be retained for the duration of employment plus a few years after
termination.

Email communications retention periods might vary based on the content and relevance.

Compliance requirements

18
Some data must be retained to comply with local or international laws.

Certain industries have specific data retention requirements.

Data disposal

Securely deleting data once it has reached the end of its retention period.

Shredding physical documents, securely wiping digital data, or using professional data destruction
services.

Data archiving

Data archiving involves moving data that is no longer actively used to a separate storage system
where it can be preserved for long-term retention. Archived data is typically less frequently accessed
but may need to be retrieved for regulatory, legal, or historical purposes.

Key aspects of data archiving

Archiving policy

A documented policy that outlines how and when data should be archived.

To provide guidelines on transferring data from active use to long-term storage, ensuring data is
preserved securely and is still accessible when needed.

Types of data to archive

 Historical data
 Legal documents
 Email archives

Archival storage solutions

Dedicated servers or storage devices in the organization’s data center.

Storing archived data in the cloud for scalability and easy access.

Using less expensive, slower storage options for data that is rarely accessed.

Accessing archived data

Using the search and retrieval by ensuring that archived data can be easily searched and retrieved
when needed.

Ensuring security by implementing strong access controls to protect archived data from unauthorized
access.

Data integrity

Ensuring that archived data remains unchanged and uncorrupted over time.

Methods

Regular checks

Validation processes

Using stable storage media.

19
Data protection and compliance

Data protection

This refers to the strategies and measures implemented to secure data from unauthorized access,
breaches, or loss. This involves ensuring the confidentiality, integrity, and availability of data.

Key components of data protection

1. Data encryption

The process of converting data into a coded format that can only be read by authorized users. The
purpose is to protect data both at rest (stored data) and in transit (data being transferred over
networks).

Types

Symmetric encryption which uses the same key for encryption and decryption.

Asymmetric encryption which uses a pair of keys (public and private) for encryption and decryption.

2. Access control

Mechanisms to restrict access to data based on user roles and permissions. It aims to ensure that
only authorized individuals can access sensitive data.

Methods

Role-based access control where permissions are assigned based on the user's role within the
organization.

Multifactor authentication which requires multiple forms of verification before granting access.

3. Data masking

The process of hiding specific data within a dataset to protect it from unauthorized access. It helps to
anonymize sensitive data while preserving its format for testing or analysis.

An example of this is masking credit card numbers in a database, showing only the last four digits.

4. Incident response

A structured approach to managing and responding to data breaches or security incidents. The
purpose is to quickly identify, contain, and mitigate the impact of a data breach, and to prevent
future occurrences.

Steps

Detection

Containment

Eradication

Recovery

Post-incident analysis

Compliance

20
This refers to adhering to laws, regulations, and standards that govern data protection. Organizations
must ensure that they meet all relevant legal requirements to avoid penalties and maintain trust.

Key components of compliance

1. Understanding legal requirements

This involves identifying and understanding the data protection laws and regulations that apply to
the varied organisations.

Examples

General data protection regulation (GDPR) governs the processing of personal data in the European
Union.

Health insurance portability and accountability act (HIPAA) sets standards for protecting sensitive
patient information in the U.S.

Data protection and privacy act, 2019 is the primary legislation governing data protection in Uganda.
It applies to all individuals and organizations that collect, process, or store personal data.

Electronic transactions act, 2011 provides a legal framework for the use of electronic
communications and transactions in Uganda, with implications for data protection and privacy.

The computer misuse act, 2011 while not exclusively focused on data protection, the Computer
Misuse Act, 2011 also has provisions that impact data compliance, particularly concerning the
security of data and information systems.

2. Compliance policies and procedures

Documented policies and procedures that ensure data protection practices align with legal and
regulatory requirements.

They help to provide a framework for maintaining compliance across the organization. Examples
include data privacy policies, consent management procedures, and data processing agreements.

3. Data audits and assessments

Regular reviews and assessments of data protection practices to ensure compliance with legal
requirements. Aimed at identify gaps in compliance and implement corrective actions.

Types

Internal audits which are conducted by the organization's own compliance team.

External audits which are conducted by third-party auditors to provide an independent assessment.

4. Data subject rights

Ensuring that individuals have control over their personal data and can exercise their rights under
applicable laws.

Rights include

Right to access which implies how individuals can request access to their personal data held by the
organization.

21
Right to erasure (Right to be Forgotten) which depicts how individuals can request the deletion of
their personal data.

Right to rectification which highlights how individuals can request corrections to inaccurate or
incomplete data.

5. Employee training and awareness

Educating employees on data protection practices and compliance requirements. It helps to ensure
that all staff members understand their responsibilities and how to handle data securely.

Methods

Regular training sessions

Workshops

Online courses

6. Record keeping and documentation

Maintaining accurate records of data processing activities and compliance efforts. The purpose is to
demonstrate compliance during audits and to ensure transparency.

Examples

Data processing logs

Consent records

Audit reports.

Best practices for data protection and compliance

 Implement a comprehensive data protection program by developing and maintaining a

robust data protection program that includes policies, procedures, and technologies to
safeguard data.

 Stay informed about regulatory changes by regularly reviewing and updating the compliance
policies to reflect changes in laws and regulations.

 Conduct regular risk assessments by identifying potential risks to data security and take
proactive measures to mitigate them.

 Invest in employee training to ensure that all employees are trained on data protection and
compliance requirements, with regular refreshers.

 Use data protection impact assessments (DPIAs) for new projects or changes to data
processing activities, conduct DPIAs to assess and mitigate potential privacy risks.

 Maintain clear communication by being transparent with customers, clients, and regulators
about data protection practices and compliance efforts.

22
MONITORING AND MANAGING ONLINE PRESENCE
As representatives of the National Spiritual Assembly of the Bahá'ís of Uganda, maintaining a positive
and consistent online presence is vital for outreach, communication, and community engagement. it
is important to be mindful of our online presence and how it reflects on the organization.

Importance of online presence management

Reputation management since a strong online presence helps build and maintain a positive
reputation. It ensures that the organization is perceived as credible, trustworthy, and professional.

Community engagement since engaging with the community, followers, and various agencies and
entities online is essential for building relationships and fostering a sense of connection.

Crisis management since monitoring online activity allows organizations to quickly address any
negative feedback, misinformation, or crises before they escalate.

Content control as an online presence ensures that the organization's message, mission, and values
are accurately represented across all digital platforms.

Components of online presence management

1. Website management

Keep the website content up to date, relevant, and aligned with goals of the Faith. Optimize the
website for search engines to improve visibility and reach a broader audience.

Implement security measures such as SSL certificates, regular backups, and protection against
malware to ensure the website is secure and trustworthy.

2. Social media management

Maintain active profiles on relevant social media platforms such as Facebook, X, Instagram, and
LinkedIn.

Develop and execute a content strategy that includes regular posts, community engagement, and
campaigns aligned with the Faith's mission.

Regularly monitor social media platforms for comments, mentions, and messages, and respond
promptly to engage with the audience.

3. Online reviews and feedback

Regularly monitor online reviews on platforms like Google My Business, Facebook, and any relevant
industry-specific sites. Address both positive and negative reviews professionally and constructively,
showing appreciation for feedback and addressing concerns.

Encourage satisfied community members and stakeholders to leave positive reviews to enhance the
organization's reputation.

4. Search engine monitoring

Set up Google Alerts for the organization’s name, key members, and relevant topics to receive
notifications whenever they are mentioned online.

Monitor search engine results to ensure that accurate and positive information appears at the top of
search results, pushing down any negative or outdated content.

23
 5. Content creation and management

Create and share original content that reflects the Faith's mission, values, and activities. This could
include blog posts, videos, infographics, and more.

Develop a content calendar to plan and schedule content in advance, ensuring consistent
communication with the audience.

Incorporate various forms of media such as images, videos, and podcasts to engage different
segments of the audience.

6. Crisis management

Proactively monitor for potential crises or negative publicity and have a plan in place to address
them. In case of a crisis, respond quickly and transparently to manage the situation and minimize
damage.

After a crisis, conduct a thorough analysis to understand what went wrong and how to prevent
similar issues in the future.

Best practices for managing online presence

1. Consistency

Consistent messaging and branding across all platforms strengthen the organization's identity and
make it easily recognizable. Use the same logos, colours, tone of voice, and key messages across
websites, social media, and other online platforms.

2. Authenticity

Authentic content and interactions foster trust and credibility with the audience. Share genuine
stories, experiences, and insights that reflect the organization's mission and values. Avoid overly
promotional or insincere content.

3. Engagement

Engaging with the audience builds a sense of community and loyalty. Respond to comments,
questions, and messages promptly. Encourage user-generated content and participation in
discussions.

4. Transparency

Transparency builds trust, especially in handling feedback, crises, or sensitive issues. Be open about
the organization's operations, challenges, and responses to feedback or crises. Address issues head-
on rather than ignoring or downplaying them.

5. Regular monitoring and analysis

Continuous monitoring ensures that the Faith remains aware of its online reputation and can quickly
address any issues. Use analytics tools to track performance, identify trends, and adjust strategies as
needed. Regularly review the effectiveness of online presence management efforts.

6. Maintain professionalism

Ensure that the online profiles, including social media, are professional and reflect the values of the
organization.

24
 7. Be cautious of public posts

Avoid sharing sensitive or confidential information in public forums or on social media. Consider the
potential impact of your posts on the organization.

8. Monitor mentions

Regularly monitor mentions of the National Spiritual Assembly of the Bahá'ís of Uganda and your
name online to address any potential issues or misinformation promptly.

9. Engage thoughtfully

When engaging in online discussions, be respectful and considerate, keeping in mind that you
represent the Faith.

CONCLUSION AND ADDITIONAL RESOURCES

In today's digital age, effective IT management, data protection, and online presence monitoring are
crucial for organizations like the National Spiritual Assembly of the Bahá'ís of Uganda.

This IT guide is a living document and will be updated regularly to reflect new policies, technologies,
and practices. All staff are encouraged to familiarize themselves with the guide and follow the
procedures and policies outlined within.

By adhering to best practices in data management, ensuring compliance with legal requirements,
and proactively managing their online presence, the Faith can safeguard its data, maintain its
reputation, and engage meaningfully with its community.

Additional resources

To further enhance understanding and implementation of the concepts discussed, here are some
additional resources

Books

Data Management for Researchers by Kristin Briney. A guide to managing data effectively throughout
the research process.

The Data Protection Officer. Profession, Rules, and Role by Paul Lambert. An in-depth look at the role
of data protection officers in ensuring compliance with data protection laws.

Social Media ROI. Managing and Measuring Social Media Efforts in Organizations by Olivier
Blanchard: Insights on maximizing the impact of social media efforts.

Online courses

Coursera. Data management for clinical research

Udemy; GDPR Compliance. A Practical Guide

LinkedIn Learning. Managing Your Online Presence – A course focused on developing and
maintaining a professional online presence.

Websites and tools

25
Data Protection and Privacy Act, 2019. Review the full text of Uganda’s data protection legislation
[available online].

Google Alerts. Set up alerts to monitor mentions of the organization online.

Hootsuite: A social media management tool that helps you manage multiple social media accounts,
schedule posts, and track engagement.

Industry blogs and newsletters

Data protection report by Norton Rose Fulbright. Regular updates on data protection laws and
practices around the world.

Social media examiner. Tips and strategies for managing social media presence effectively.

26