Everything is a bit on fire. Here's what to do anyway.

Tech Checkup

A hands-on digital and cybersecurity assessment for nonprofit teams working under real constraints.

The Tech Checkup is a structured walk-through of the tools, accounts, and habits you already rely on—plus the risks they quietly drag in with them. It exists because technology is now unavoidable, increasingly risky, and—despite everyone’s best intentions—often doing real damage to the work organizations are trying to do.

We wish this weren’t necessary. But here we are.

The goal isn’t perfection, best-in-class tooling, or theoretical security. It’s to be safer, clearer, and more deliberate than you were before—without turning everything into a months-long project or a religious debate about tools.

No hype. No shame. No 40-page PDF that nobody reads.

Who this is for

The Tech Checkup is for small to mid-sized nonprofit organizations working on democracy, human rights, or the rule of law— especially teams without dedicated security staff, and teams operating in environments that are becoming more hostile, more surveilled, and less forgiving over time.

If technology feels essential to your work, vaguely dangerous, and harder to reason about than it used to be, you’re probably not imagining things—and you’re probably in the right place.

What the process looks like

A typical Tech Checkup runs over several weeks and is intentionally lightweight. It usually includes:

  • A kickoff conversation to understand your mission, constraints, and concerns
  • A short questionnaire about how your organization actually uses technology (not how it appears on paper)
  • One or more structured conversations with organizational and technical leadership
  • A written assessment with pragmatic, prioritized recommendations tailored to your resources
  • A follow-up conversation to talk through tradeoffs, answer questions, and refine next steps

Throughout the process, the emphasis is on judgment, not compliance—and on choices you can realistically make without burning out your team or pretending risk doesn’t exist.

What we ask of partners

Participating organizations should expect to spend roughly 15–20 hours, spread across several people, over the course of the assessment. The Tech Checkup works best when partners are willing to be candid about constraints, surface uncomfortable realities, and treat digital risk as a shared organizational issue rather than something that can be quietly delegated.

You don’t need to have everything figured out. You do need to be willing to look at things honestly.

What this is not

  • An emergency response service
  • An incident-response hotline
  • Ongoing managed IT or security support
  • A vendor bake-off or procurement exercise

If you’re dealing with an active security incident or immediate risk, this is not the right starting point. In those moments, speed and direct support matter more than reflection.

What happens next

This work is volunteer-supported, which means availability is limited and scheduling reflects the fact that everyone involved has other responsibilities, too. If you’d like to talk about whether a Tech Checkup might be a good fit for your organization, you can reach us at help@demnerds.org.

Just a conversation to see whether this would actually be useful. We’ll reply when we can, and we’ll be straightforward about fit and timing.