A Houston nonprofit providing workforce development services received a $2.1 million federal grant that included a cybersecurity requirement: the nonprofit must maintain a documented information security program meeting NIST Cybersecurity Framework requirements. With 30 days to demonstrate compliance or return the grant funds, the nonprofit contacted SpaceTown IT.
The Grant Requirement
Federal grants increasingly include cybersecurity requirements as conditions of funding. This nonprofit’s grant required: documented information security policies, multi-factor authentication on all systems accessing grant-related data, encrypted storage for beneficiary personal information, incident response procedures, and an annual security review. None of these were in place.
30-Day Sprint
SpaceTown IT executed a 30-day compliance sprint: Week 1 — environment assessment and gap analysis against grant requirements. Week 2 — MFA deployment for Microsoft 365 and grant management software, workstation encryption activation, and access control implementation limiting beneficiary data to authorized caseworkers. Week 3 — Information security policy development and incident response procedure documentation. Week 4 — Staff training and compliance documentation package assembly.
Grant Compliance Maintained
The nonprofit submitted their compliance documentation package to the grant administrator within 30 days. Grant funding continued. SpaceTown IT now provides ongoing managed IT at nonprofit-friendly pricing including annual grant compliance reporting and security reviews.
IT for Houston Nonprofits
SpaceTown IT provides IT compliance for Houston nonprofits at nonprofit-friendly pricing. Call (832) 304-9748.
See how SpaceTown IT protects Houston businesses
SpaceTown IT serves Houston businesses with veteran-owned, expert IT and cybersecurity services. Call (832) 304-9748 or book a free assessment.