The bitterness of poor quality remains long after the sweetness of low price is forgotten.”

– Benjamin Franklin

In the famed British fable, the little pig who built a house of straw soon lost his house to the Big Bad Wolf. (He also became a serving of bacon for his clever predator’s dinner.) The only pig smart enough to outwit the conniving old wolf built his house of bricks. (He enjoyed wolf stew for his evening meal.) Carefree short-term thinking creates costly risks. For school boards needing board management software, the free stuff is alluring, but the shrewd buyer builds a stronger foundation that stands the test of time.

A board may decide to live with the often-lackluster features of free software – not-quite-right mechanisms for group editing, say, or unsearchable records. What no school board can tolerate, though, are compromises on cybersecurity. Getting free board software creates the formidable risk of waking up one day to hear the three words that bring everything to a standstill: “You’ve been hacked.” Eight scenarios can create this dreaded outcome with free board management software:

  1. A board member inadvertently leaks data. Most “inside jobs” stem not from corruption but from human error. Gerald Cliff, research director of the National White Collar Crime Center, attests that human error poses the single greatest threat to data security. So, too, in the private sector; at an annual meeting of the International institute of Management Development, the featured speaker cited as his company’s biggest risk “the board member who doesn’t know what he is doing.”

The problem is not the directors; it’s the customary dearth of training. New board members may never get initial training on the software, and even experienced board members may be hunting and pecking without ever attaining mastery of the software’s capacities.

Free board management software does nothing to avert the crisis portended by this innocent ignorance. Training is simply not part of the package. The same goes for the low-cost option of out-of-the-box software installed on a hard drive.

Only full-service board portal software with a track record of training service addresses this need. BoardDocs provides continuous responsiveness to customers’ training needs, with webinars, videos and award-winning customer service that promises a live person on the other end of the line.

  1. A hacker breaks into data stored on the cloud. With free board management software, where is data actually stored? Almost always, the answer is “the cloud.” If the software operates in tandem with popular file-sharing sites (also free!), cloud storage is the norm. The cloud does not provide the requisite security for school boards, which handle the most highly sensitive information of all the stakeholders in the district.

On this point, experts speak with a single voice. Netskope conducted a study of companies that stored their data on the cloud. A full 15% of them had been hacked. Storing data off the cloud is the only way to be safe from phishing attacks and hacked servers.

It is not only the cloud itself that multiplies risk. Data destined for the cloud makes numerous pit stops along the way. At any of these sites, it is wide open to attack by nefarious actors. Free board software leaves files open to these risks.

The solution is to store data on a secure private server safely off the cloud (even if its data host is “cloud based”). Only top-of-the-line, full-service board portal providers keep your confidential information under lock and key. They also conduct all data transmission over a secure connection.

  1. A cybercriminal penetrates unencrypted files. Encryption creates complexity, making it more difficult and more time-consuming to break into files. Hackers naturally strike first at unencrypted data. Full, robust 256-bit encryption is the gold standard for safety.

Free board management software seldom rises to that standard. More often, it offers no encryption or low (128-bit) encryption. Full-service board portal software protects your confidential information with full encryption, the kind that sends hackers running the other way.

  1. Phishers hijack the network through board emails. The best boards forbid members from communicating over email. Phishing scams rely on email; through it, they either contaminate networks by injecting viruses or gain access to valuable data stored on the network. With that access, they steal personal identifying information in order to commit identity theft or charge things to constituents’ credit cards. If it proves more profitable, they will charge a ransom to either restore contaminated data or return personal identification information.

Using email for board communications is thus a risky business. Since school boards usually display board members’ email addresses on their public-facing websites, it is remarkably easy for a bad actor to send damaging click-bait to an entire board. If just one member falls for it and clicks, there goes the district data.

To dodge that bullet, school boards need management software that provides a secure portal through which board members can collaborate with one another. Free board software does not provide it; only full-service secure board portals do.

  1. Next-gen tactics easily outsmart last year’s defenses. Hackers are refining their methods all the time. Developers constantly play a cat-and-mouse game to anticipate and thwart their next moves.

Free board management software has no developers keeping data protected from successive waves of criminal tactics. Safeguards provided at the time the software is downloaded remain at the front line of cyber defenses. When a hacker, say, perfects a decoy that fool victims’ systems into “recognizing” code as part of their own network, they would easily topple defenses designed for a less-subtle and precise decoy lure.

Free board management software stops “evolving” as soon as it’s downloaded, making data stored there a soft target for increasingly sophisticated assaults. Even low-cost software bought off the shelf and downloaded onto a hard drive does not update its protections. Larger districts might have IT staff write custom code for board management software. That strategy, too, poses risks: Small staff with multiple priorities cannot be expected to constantly monitor complex international scams and generate defenses for all of them.

Only a full-service board portal software company follows through with ongoing protection updates that keep pace with new threats. Large companies with designated departments have programmers constantly scanning the threat horizon and developing safeguards for the next generation of attacks.

  1. A third party sells your data. Free board management software puts data at the mercy of third parties. Say the software stores data on Google Drive or another free popular file-sharing service. Ambiguous ownership of the data results. That might not matter if Google did not have a constitutional conflict of interest. But it does: The company serves many audiences, many of which buy data for a pretty penny. The lawsuits against Facebook and Cambridge Analytica reveal the primitive state of laws that cannot anticipate every imaginable betrayal of customer confidence.

Full-service secure board portal providers face no such conflict of interest, making their servers safe repositories for sensitive board data. Their “free” counterparts, by contrast, put data at risk as a routine matter of doing business.

  1. The entire town reads confidential personal identifying information intended only for the board. Because school boards hold public meetings subject to open meeting laws, they must tread carefully between protecting board information and widely distributing public information. Just a one-time slip can create a catastrophe: The entire community reads the gory details of banking transactions constituting embezzlement.

Free software provides no safeguards against such human error. To keep board information consistently segregated from public readings, a school board needs to fully automate distribution channels. Only top-tier, full-service board portals provide role-based authorizations, which keep the right information before the right readers every single time.

  1. Inadequate accessibility gets the school board in trouble. Free board management software does not keep pace with rapidly changing Americans with Disabilities Act (ADA) regulations governing handicap access. When provisions fall short of the requirements, one of two things can happen to the school board. Sometimes, excluded constituents sue the school board, which then faces steep legal costs and possible responsibility to pay material damages. Other times, the Justice Department’s Office of Civil Rights (OCR) launches a federal investigation. While such investigations usually result in calls for voluntary compliance, they can wreak havoc on a board’s community trust.

Any of these draconian scenarios can throw budgets into a tailspin. Damage control costs much more than preventive measures, as the City of Atlanta learned the hard way. By skimping on cybersecurity, it paid over $2 million to restore their computer systems after a successful March 2018 attack. Doing it right the first time would have cost a third that amount and prevented the other types of chaos that the attack created.

For school boards, the sudden, spikey nature of these budget surprises is every bit as debilitating as the high dollar amounts that they call for. Public-sector boards do not tactically move reserve funds with the shifting concerns of executives who exercise discretion over accounts. Evenly paced, predictable expenses better suit their budgetary process.

“Free” software runs the risk of creating a future budget emergency in a system not designed to be responsive to crises. By contrast, yearly subscription fees for full-service board portal software providers keeps such damaging scenarios at bay, while they themselves constitute a consistent, manageable expense. In return for that fee, dedicated staff provides ongoing training, nimble customer service, security updates and first-class private server storage – while keeping board data off-limits to advertisers and prying public eyes.

Free board management software is hardly the bargain it appears to be. Security risks alone make them a fool’s paradise. Online data dwells in a forest where big bad wolves wait eagerly to pounce at every turn. Keep it safe with protection that does not “blow down” with a little huffing and puffing.