00:00:00 Introduction

Hello everyone and welcome to today's webinar, ActivityInfo: Key topics for the IT department. My name is Fay Koutsioumaridi, and together with Mr. Alex Bertram, we will be hosting this webinar, broadcasting from The Hague in the Netherlands. We're excited to see such a big interest in this topic, so thank you very much for joining us.

Before we start, I would like to share some housekeeping rules for everyone. Your microphone is muted, and you should all be able to see the shared screen during the webinar. You can add your questions and comments in the chat box and select to send them to organizers and panelists so we can see them. In the end, we will answer as many questions as possible, and will keep in mind other questions to which we may reply with new articles, guides, or webinars. So, make sure to keep an eye on the ActivityInfo social media and the blog on our website. The webinar is being recorded, and you will receive the recording after the webinar. The recording will also be available on our website in a few days' time.

00:01:15 Speaker introduction

So now I would like to introduce to you Mr. Alex Bertram, the Technical Director of BeDataDriven and founder of ActivityInfo, who is going to be presenting today. Alex is a graduate of the American University's School of International Service and started his career in international assistance fifteen years ago, working with IOM in Kunduz, Afghanistan, and then later as an Information Management Officer with UNICEF in DR Congo. With UNICEF, frustrated with the time required to build data collection systems for each new programme, he worked on the team that developed ActivityInfo, a simplified platform for M&E data collection. In 2010, he left UNICEF to start BeDataDriven and develop ActivityInfo full-time. Since then, he has worked with organizations in more than 50 countries to deploy ActivityInfo for monitoring and evaluation. Alex, the virtual stage is yours.

00:02:07 Agenda and overview

Thanks. Welcome, everybody, again. Great to see such a nice turnout. So the reason for today's webinar is that here at BeDataDriven, and not just myself but all the members of our team, we spend a lot of time talking with people in monitoring and evaluation, with Information Management Officers, programme managers, and so forth. And we don't often get a chance to talk directly with people in the IT department. And actually, there's a lot of room for collaboration that we see when it comes to data security or integrating ActivityInfo with other systems that are used in your organization. So, we wanted to provide this information session specifically for those of you working in IT departments.

I suppose probably a lot of people who do not work in IT departments are here; please feel welcome. I hope the information will be useful for you as well, but keep in mind that this is focused on the information technology behind ActivityInfo. So maybe it's something that you can share. I hope you learn something and share with your colleagues in IT, if that's not you. But for those of you who are working in IT, maybe within an NGO or in the UN, welcome.

We're going to cover four topics. Not just introducing what is ActivityInfo, but the second is to really look at how ActivityInfo can really serve the IT department in helping to reduce the costs and risks associated with information management compared to custom software development. Third topic will be data security, of course. That's something that there's a lot of room to collaborate with IT departments on. And finally, looking at how ActivityInfo can be integrated with other corporate IT systems.

00:04:11 What is ActivityInfo?

So, let's get started with what exactly is ActivityInfo. So again, we work with our office and field offices. So for those who are new to ActivityInfo, it's a software. It's a cloud-based software platform that allows non-developers—so, people working in M&E, program management, what have you—to quickly build and scale information systems for humanitarian and development operations.

Fay mentioned I got my career start with UNICEF building information systems. So first an assessment database for a UNICEF program in Congo, a database for tracking the Shelter Cluster activities. And when we were talking in our emergency section at UNICEF, it just seemed a shame that every time there was a new program or a new effort, it would take so long to get an M&E system, a coordination system up and running. So ActivityInfo started out as a project in 2009 to really make it easier and faster to set up these kinds of systems.

Over the last 10 years, this has really worked out, and ActivityInfo grew beyond the Congo to serve humanitarian response monitoring today in 31 different countries. In the Middle East for the Syrian refugee crisis, and South America and Central America for the Venezuelan refugee crisis. But also for humanitarian response in Africa, and in Asia, and Afghanistan, and around the Rohingya response in Bangladesh, ActivityInfo is really the heart and soul of many of those countries' response programs. But also in many NGOs—so smaller country programs, large country programs—ActivityInfo is used as a project management information system to collect data about beneficiaries, about recipients, to manage distributions, and case management. Some of our largest case management deployment is with UNRWA in the Middle East, and for large consortium reporting, it's really proved to be flexible enough to handle many, many different use cases in the humanitarian and development context.

00:06:44 Live demonstration

For those of you who have never seen the system before, I want to make it a little bit more concrete than just a list of features. So, I'm going to quickly toggle to ActivityInfo itself. Like I said in the beginning, it's a way to create databases. So, you can quickly add a new database for your program. You know, when I was working with UNICEF, it was the program for assistance to returnees. And that allows you to then add forms. So we were tracking, for example, NFI distributions to returnees. I can reference fields; that's really a key feature. We have a built-in geo-database. You can pick a country here, maybe Afghanistan, track it at the district level, for example.

You can add the kinds of information, either maybe a one-off indicator, like the number of beneficiaries, or I can add a subform to actually track the detailed list of beneficiaries who maybe received a kit. So this is very flexible. You can collect it at a high level, like the number of beneficiaries, or at a low level and track personal information or individual-level data, such as the name, the date of birth, and a gender.

Those forms—you can make it as simple or as complicated as you like. From here, you can invite users. You give them roles, the permissions that you need, that you want to give them. You can link them to give them access to all of the forms or part of the database. It's extremely flexible so that you can give people the access they need. You can customize roles so that certain people can do different actions. It can all be quickly customized as needed.

I'm going to switch to a completed database here so you can see a bit more interesting data. As the data comes in, if I'm doing data entry in my form that I created, I can pick the date, district, and enter beneficiaries. Or again, if I have a more detailed one, you can enter in data for beneficiaries. We have a tablet app and a mobile app, so data can be collected directly from the field. And there's an offline function that will allow you to work offline. Download a copy of the database locally, and synchronize when that's complete.

You can review the data, search, sort, filter, have a complete audit trail of who added the data, any changes that were made, export and import data from spreadsheets quickly. We also have mapping that allows you to quickly see the data in a map. Zoom into specific data entry points. You can create map reports. So here I have a drag-and-drop map editor where I can quickly create simple maps if you don't want to go all the way to ArcGIS. You can quickly create a map, save that, share it with your colleagues, and even publish it to a public URL that you can embed in your website. Again, if you want to work with Power BI or ArcGIS, you can always grab a live feed; just copy this link and paste it in Power BI or Tableau, and you can use those too as well.

00:12:40 Build vs. buy: Costs and risks

I want to turn now to a topic that's really intended for people working in an IT department and supporting your colleagues in the field, which is: when would you use ActivityInfo? And how would it compare to other systems? Maybe you're an IT administrator or you're responsible for providing the system to those who are working in programs. And there's always a number of choices. The default choice is kind of sticking with muddling through with Excel or other kind of cobbled-together systems: email, printed, paper-based systems. Of course, that can work on a small scale. But as soon as it scales beyond a couple of people, it tends to bring a lot of frustration. So that's often the point when people will start to look for a more sophisticated system to make sure that data quality can be enforced, to improve the security of data, improve the efficiency of a system.

And then that's often when we get the question from IT departments: 'Should we develop a custom system? Should we build something with Django, PHP, Microsoft Access? Or should we consider a system like ActivityInfo that allows you to put together something a bit faster?' I want to talk about some of the trade-offs that are involved from an IT perspective.

The first is uncertainty. I found this statistic in a report from the Standish Group, that nearly a third of IT projects are actually canceled before they're completed. And more than half of projects will run over budget by nearly twice as much as the original number. So that's kind of a scary statistic, but I think it's interesting to think about why that is.

Steve McConnell talks in his book 'Software Estimation: Demystifying the Black Art' about the 'cone of uncertainty'. This is the idea that, in the beginning of a project, maybe you've got a large consortium, 10 partners, and you want an IT system that brings all of those partners together to track the results across all of those activities. Well, in the beginning, there is just so much uncertainty. Actually, how long it will take to build such a system from scratch, how many developers you need, what the system will even capture—all of those things are very uncertain. So you should expect an estimate of time or money to be off by as much as 400%.

As you progress through the project, maybe you complete a requirements analysis. And here you can see that the window of uncertainty starts to shrink, but it's still quite large. Even with a good requirements analysis, it can be very difficult to anticipate how this system should work in practice. As you move closer, you get to the pilot version, then the cone starts to shrink and you can get a better picture.

For programs that are changing, or maybe just the first time you're doing a program, then it's extremely difficult to plan for how long—four months, six months, a year—to have an operational IT system. It's not at all uncommon that, by the time that you are certain about what is really needed, you might have exhausted your budget. You might have spent your budget, your time, and not be an internal budget or an external developer on something that is not exactly what you needed. And now you're short, and then you have the choice of either increasing the budget or cutting things.

00:20:43 Reducing time and maintenance costs

How does ActivityInfo address this? It reduces the time and the cost of these changes. So in ActivityInfo, it's not at all uncommon to release a system in a day or two, maybe a week. Once you get out into the field, you might find some of the rules need to change or I need to collect some different information that I hadn't anticipated. And with the easy-to-use Form Builder and the Database Builder, those changes can quickly be updated without going through your budget too quickly.

A concrete example is we were working with a UN organization in Lebanon that's responding to the Beirut blast. They are tracking things at a very granular household level. And one thing that was necessary to do this was a way to uniquely identify households. And that's not an easy thing. And it actually took three different iterations to find a way of identifying uniquely the household that did work. And they were able to cycle through that with ActivityInfo very quickly. Within the space of two weeks, they could try out these three different ways, actually field test each one of these with people in the field to arrive at a system that worked. If you had to actually go back to a developer or even to a Microsoft Access database, that can take much longer and you lose a lot more time.

I also want to talk about maintenance costs. This is something that we see, unfortunately, is not always taken into account. If a software system needs to run for a couple of years, you need to take into account the fact that the initial cost of developing that system is only going to be about a quarter of the total cost of owning that system. Typically, about 20% of ongoing maintenance costs are related to corrections—bugs, things that don't work properly—but another 25% are adaptive changes. So this could be things like the program changes and you need new functions or you need new information to be collected.

With an in-house development, you might run into surprise maintenance costs. With ActivityInfo, we arrived at a model of the subscription. So basically, if you choose ActivityInfo for a project, you pay a fixed yearly fee that covers everything. So the initial development cost is much lower, and you spread out these maintenance costs among all of our users. There's a lot that we can centralize here in BeDataDriven, so that you have a predictable yearly cost for the system. It also helps to reduce these kinds of adaptive costs because non-technical non-developers can make these changes directly in ActivityInfo themselves. You can delegate form design, user management—all of that can be pushed down to the field where people know the issues much better.

00:26:30 When to use custom software vs. ActivityInfo

ActivityInfo is not perfect. Of course, there are always trade-offs. There are only so many things that you can customize in ActivityInfo. So, I think it's useful to think about some of the trade-offs. Projects that are a good fit for custom software development are typically those with a high degree of standardization across a large user base. So you can think of a travel management system, managing travel requests, travel reimbursements. That's something that you can standardize across your whole organization. The other important thing is that that's probably not going to change very much. Other examples that are good fits to be centrally managed by your own in-house systems include procurement, finance systems, and warehouse management.

The kinds of things that you could consider ActivityInfo for is where the needs vary considerably between projects and field offices. ActivityInfo is used for humanitarian response planning in 31 countries, and in every single country, it's M&E, but the structure of reporting the information that they collect varies considerably. Some countries use activity-based tracking where goals and targets are linked to activities, where others are organized around themes. You might have project-based costing where you have goals set for specific projects. Every single one of our users who set up an M&E database in ActivityInfo, they're all so different because the needs are quite different and the themes are quite different.

Cluster reporting systems also vary quite a bit. I think this is an area where humanitarian relief and development can be quite different than other sectors for IT because you could be in Congo, focused on supporting returnees, and unfortunately, there would be an incident, and suddenly we were dealing with a very different type of emergency—hundreds of thousands of people displaced, conflict, cholera, acute needs—and you need to repurpose the information system overnight. And so that's where a system like ActivityInfo can deliver tremendous value.

00:30:41 Data security and ownership

For those projects where you do choose to use ActivityInfo, we're all thinking about data security more and more, as we should be. One question that I get asked a lot is just, 'Where is this data stored? Who is responsible for this data?' ActivityInfo is run by our company, BeDataDriven. We're essentially the data processor of the data. We don't own the data, we don't control the data, but we process it on behalf of our customers.

Our customers can vary, but they are often country offices. So, for example, one of our customers is the UNICEF Lebanon country office, and we have a contract with that customer. That governs our responsibilities for the data that they own in this case, like the Lebanon Response Plan, and that they store in the system. To use some terms from the GDPR, we're the data processor and UNICEF Lebanon is the data controller. They determine what data is collected, they determine how long to keep that data, and they determine who gets to access that data.

Sometimes it's not country offices but regional offices. So another of our customers is UNHCR, the regional office in Panama, and they in turn own the data and set up the databases in the various countries that are involved in the Venezuelan Refugee Response. Again, they're the controller of the data; we process the data on their behalf. We have a global framework agreement with UNHCR which governs our obligations to UNHCR.

Sometimes that contract is at the organizational level. For example, OCHA. We have a contract with OCHA and within that context, they control the Libya database for response monitoring as well as other countries. All of this is in one platform, but each of the databases, who gets access to that data, is controlled by the database owner or those that they've delegated to. We on our team only access the data if we're invited or requested to help.

00:35:23 Threat analysis and infrastructure

For data security, we are constantly vigilant. We start with what is called a threat analysis model. We're basically looking at four different layers. The data starts with our customers. When our customers invite people to access the database, that's the first weak link. Unfortunately, people—we are all a serious vulnerability in systems—as well as our devices and the networks the data is moving through. That data travels through the public network, encrypted, very secure, to reach our cloud vendor.

We host our system on Google Cloud Platform. We very much took a strategic decision very early on to rely as much as possible with regard to infrastructure on cloud providers. Our data is stored in Europe, in three different data centers in Europe. Each of those data centers has a staff of more than 500 people who are focused full-time on protecting and managing that infrastructure. That allows us to focus on the security related to the application itself, deployment, and our team here in The Hague.

With regard to the storage and security of the data, we've chosen an architecture where every single change that you store on the platform is synchronously replicated to four different zones—so four independent data center zones—there's always four copies of the data, at least, and at least two different physical data centers. To use their data centers, we have one in Frankfurt and Zurich. So if there is a flood in Frankfurt, or if the entire city of Zurich is covered in an avalanche, there are still extra copies of your data. So that's the kind of risk that we feel is fully mitigated by design.

00:40:23 Top four security threats

Over the last 10 years, I think we've emerged on a threat model that identifies four key risks that we feel require our constant attention to mitigate.

The first is insider threats. Unfortunately, the biggest threat that is posed to the data that is trusted on the platform is not shadowy hackers, but just real people that are given access to the system. I think the most serious security incident that we've ever had was with an employee of one of our customers. They were fired, became very angry, and on their way out the door, they logged into ActivityInfo with their credentials and deleted all of the data. Of course, with the log, we were able to roll back those changes and recover the data. But that's simply a reality.

The second thing is user error; this is just human nature. Deleting things accidentally, deleting whole databases by accident. Like I said, we engineered the audit logs so that that can be recovered.

The third major issue that we're concerned about is weak passwords. When you grant access to external users, they often authenticate with passwords. We know in general, people are terrible at choosing passwords; they use the same passwords over and over again. They share passwords with their colleagues in the office. So that's something that we're working on, finding alternatives for that.

The fourth thing is social engineering. So things like phishing emails, impersonation on Skype. All of these things can be quite dangerous, and we're working with our customers to roll out security for email, like DKIM and SPF.

00:43:27 Integration with corporate systems

This is another opportunity that our team would love to collaborate more with IT departments on: integrating with other systems. The first thing is—this has been a major project of the last year—is to integrate Single Sign-On (SSO) with our customers. This is part of reducing this risk of weak passwords. The idea is through OpenID Connect, if you're using Azure Active Directory, or if your organization is running on Google Workspace, your users can connect directly to ActivityInfo without having to choose a password. And it also means that if they leave the organization, you can block access to ActivityInfo and the databases that they have access to.

We rolled this out with UNHCR, and UNHCR has two-factor authentication enforced for all of their users, which means that the administrators of ActivityInfo, the UNHCR staff members, their ActivityInfo accounts are also protected with two-factor authentication. So, it allows you as an IT department to also control who in your organization has access to this potentially sensitive data.

We've had some questions from IT departments: "Is this safe?" I really encourage you to take a look at the OpenID Connect protocol, because it really works very well. It really does not introduce any risk to your organization. Basically, what our server does is when people log in, we look at that email address. We say, "This is somebody from UNHCR." We're going to send them to Azure. They go over to Microsoft and they enter their password there. That's no additional risk for you. And if that's successful, then they get sent back to our server with a code, and the only thing that that code gives us is their name and their email address. That's it.

ActivityInfo also integrates very well with other products in the Microsoft suite. So if you're a Microsoft shop, Power BI—you can copy and paste a URL from ActivityInfo, and you get these great live dashboards. This is an example from a dashboard from OCHA in Iraq, from their 2020 response dashboard. It's linked to ActivityInfo databases published on humanitarianresponse.info.

We have a great API. You can find the documentation online on our site. Another scenario is integration with other corporate systems. So for example, if you want to link activity data to a grant code, you can write a script that will basically push a list of grants from your finance systems into ActivityInfo, so that that is tightly linked to the program outputs. You can do that with Python, R, PHP, .NET. You can do it in the opposite direction: pull data from ActivityInfo into a custom web application. A great example for this is also from Lebanon. They built a service locator. They used ActivityInfo as a database, they asked all of their partners to put in that database what services they can offer refugees from Syria, and then they built a simple web application to query the data from ActivityInfo and then made a nice map.

We're constantly working on improving connections. We're rolling out a Web Feature Service integration this year, that will connect ArcGIS and QGIS, as well as notifications and webhooks. One use case there is like MS Power Automate, so that you can then push into a notification, Slack or Teams.

00:50:11 Q&A session

I see the first question is, "Where is data stored?" If it's put in ActivityInfo, we store our data in data centers, in Google data centers in Europe. The ones that we use are in Frankfurt and London. I think we'll be adding another one in Belgium this year as well, but all in Europe.

Muhammad is asking, "Can we store personal data in ActivityInfo?" We certainly support that and work very hard to make that possible and to make that safe, and we work definitely within the guidance of national privacy legislation. So, if you are a European NGO, that means the GDPR. Our relationship there is we are a data processor under that framework. And you know, as a customer you would be a data controller. The permission system makes ActivityInfo a good choice for storing sensitive data because you can really control who has access to that data.

Another privacy-related question from Ellen: "What considerations about privacy and data protection are taken with ActivityInfo?" As a data controller, our first rule as a provider is, we only process the data under your instructions. If you tell us to remove the data, we remove the data. The only people that have access to the data are those that you explicitly grant access to. We work with our partners to make sure that roles are limited to the greatest extent possible, so that when you're dealing with sensitive information, vulnerable populations, that you respect the principle of least permission.

Abdulrahman El-Ida asked if a local NGO could also use the system? Yes, absolutely. As a local NGO, you can also talk with your donors for example, UNHCR and other UN organizations; they have contracts with us, so they might be able to provide you with access as well. Or we're happy to talk with you about getting access if you want to manage your own data.

Waseem is asking, "Is ActivityInfo suitable to create a banking system, financial system, and an accounting system?" I'm not sure I would run a bank on ActivityInfo, but it hasn't been done before. But why not? I think what you should look at are these kinds of factors: if you have a financial system or an accounting system that requires a high rate of change, reacting to changes on the ground, then you might consider setting up a ledger in ActivityInfo. But often, ActivityInfo and accounting systems don't necessarily change so much from one to another or over time. We use a separate accounting package for our business, but you could set up a ledger.

Ronnie asks, "Is there a possibility that somebody can hack the data stored?" Well, unfortunately, no system is 100% secure, though I'm very proud that our team has ensured that we've managed to prevent that for all the data that's been stored in our systems. But if you're thinking about hacking, the much greater and more realistic risk is not that somebody will exploit a technical vulnerability, but that people will be the weakest link. The only security incidents that we've actually had have been insider threats and user error. These occur when real people, not hackers, but people in your offices, either make a mistake or act maliciously.

00:59:39 Conclusion

We're going to be sure to send out the recording within about a day or so. Check out our website at activityinfo.org. We have upcoming webinars that are also focused for M&E and for project management. I hope this kind of information technology perspective is useful and, yeah, don't hesitate to get in contact with us if you have more questions. Thanks everybody for joining us and have a great evening or day, depending on where you're connecting from. Goodbye.