The ELA Board of Directors (BOD) holds an annual mid-year meeting each May, usually here at the University of Dayton. It was a packed agenda this year since it was my first as executive director. I wanted to be sure that the BOD was completely aware of policies, inventory, and budget matters, in addition to a lot of other things.
Last year, other than interviewing the candidates for the position of executive director (thank you!), the BOD spent much of its meeting time writing a comprehensive strategic plan with the help of a professional facilitator. In response to the plan, I wrote detailed goals and action plans which the BOD accepted in early fall 2009. These goals and action plans were aggressive yet realistic. During this year’s meeting, we reviewed my goals and action plans as a group and the BOD was overall very pleased at the progress made to date. As I reviewed the list myself, prior to the meeting, I have to admit that even I was surprised at how much my staff and I accomplished this year. A big thank you goes to Judy and Jody, as well as our student workers Jared, Elizabeth (congrats on graduating!), Sean, and Meredith. We work very well together as a team!
Governance
For several weeks, beginning April 27th, I have been fairly consumed dealing with everything that has come about as a result of a hacker getting into our website’s server and stealing, or attempting to steal, the credit card numbers of as many as five persons. Please know that at no time was our membership database at risk, as this is held on a different server and no personal information, other than contact information, is held in the database. Each person whose information was potentially compromised was personally contacted.
We have learned much about our own operations and policies and changes that need to be made thereto, and internal changes are ongoing. Your privacy and financial safety is very important to us. Until every change has been thoroughly reviewed, will we not be taking credit card information through our website. Compared to stories you hear on the news this break-in was considered pretty small, yet it consumed our time and caused the same corporate difficulties as a larger-scale attack. However, we also consider ourselves fortunate because it revealed potential issues that may have allowed a larger-scale hacking – so in a way we are grateful, if that makes sense to you.
To date, we have been through the proper reporting system with local and federal officials. We have researched and changed the software of our online shopping cart (though you won’t notice a difference from the outside) and are finalizing the terms of use that will be acceptable to our bank so we will then be able to upload new payment gateway software. At that time, we will again be able to accept credit card payments over the Internet. Until then, if you need anything, feel free to call us with your payment information. We hope to have everything completed on or about June 1st.
Corporate Matters