Common questions

Answers to the questions that come up before the first conversation.

Technology leadership, AI governance, security, compliance, and how Dragonfish works.

Fractional IT Leadership

What is a fractional IT director?

A fractional IT director is a senior technology leader who works with your organization part-time — typically 2 to 16 hours per week. You get strategic IT leadership, roadmaps, vendor management, and board-level reporting without the cost of a full-time hire (often $150K–$200K+ in salary and benefits). Fractional IT directors are ideal for organizations with 10–150 employees that need expert guidance but cannot justify a dedicated executive.

How is fractional IT leadership different from hiring an MSP?

A managed service provider (MSP) typically handles day-to-day technical support — fixing things when they break. A fractional IT director operates at the strategic level: aligning technology with your mission, planning budgets, managing vendors including your MSP, leading modernization projects, and advising your executive team. Many clients use both — Dragonfish provides the leadership layer, and an MSP handles the ticket queue.

How much does fractional IT leadership cost?

Every engagement is scoped to what you actually need. Most organizations start with a focused number of hours per week and scale from there. Compared to hiring a full-time IT director, fractional leadership is significantly more cost-effective while still providing senior-level expertise. You will get a clear, honest quote after a discovery conversation — no inflated proposals.

Microsoft 365 & Google Workspace

Should our school use Microsoft 365 or Google Workspace?

It depends on your priorities. Google Workspace for Education is popular with K–12 schools because of Chromebook integration, simple administration, and generous free licensing. Microsoft 365 Education offers stronger document collaboration, better compliance tools, and deeper integration with enterprise systems. Many schools use both. Dragonfish evaluates based on your specific needs — device fleet, compliance requirements, budget, and staff comfort — and plans migrations when needed.

What is Microsoft 365 Copilot and should we deploy it?

Microsoft 365 Copilot is an AI assistant built into Word, Excel, PowerPoint, Outlook, and Teams. It can draft documents, summarize emails, create presentations, and analyze data using your organization's own content. Whether you should deploy it depends on your data readiness (Copilot surfaces whatever it can access — permissions and data governance need to be solid first), budget ($30/user/month on top of existing licensing), and use cases. Dragonfish helps organizations assess readiness, clean up permissions, deploy in phases, and train staff on responsible use.

Can you migrate us from Google Workspace to Microsoft 365 (or vice versa)?

Yes. Cross-platform migrations are a core service: email migration, file migration, identity and access management, DNS changes, and user training. Migrations are planned in phases to minimize disruption, typically over two to four weeks depending on organization size.

AI Governance & Deployment

What is AI governance and why does our organization need it?

AI governance is the framework of policies, controls, and oversight that ensures your organization uses AI tools responsibly, securely, and in compliance with regulations. It covers which AI tools are approved, who can use them, what data can be shared with AI systems, how outputs are reviewed, and how to handle incidents. Every organization using AI — even basic tools like Copilot or ChatGPT — needs governance. Without it, staff may inadvertently share sensitive data, make decisions based on AI errors, or violate compliance requirements.

How do nonprofits deploy AI safely?

Start with governance, not technology. Define which AI tools are approved. Create a usage policy that addresses data sensitivity — especially if you handle donor, student, or health data. Train staff on what they can and cannot share with AI. Deploy in phases, starting with low-risk use cases like drafting emails and summarizing documents before moving to anything that touches sensitive data. Dragonfish guides organizations through this entire process.

What is the difference between ChatGPT Business, Microsoft Copilot, and Claude Enterprise?

All three are enterprise AI platforms with data privacy protections. Microsoft Copilot integrates directly into Microsoft 365 apps — ideal if your organization lives in Outlook, Word, Excel, and Teams. ChatGPT Business offers a flexible interface and custom workflows, good for general-purpose AI use. Claude Enterprise excels at long document analysis, careful reasoning, and organizations that prioritize safety. Dragonfish helps you choose based on your tech stack, use cases, and compliance needs.

Security & Compliance

What compliance frameworks apply to schools and nonprofits?

Schools typically need FERPA compliance for student data, and may need COPPA compliance for children under 13. Nonprofits handling health data need HIPAA compliance. Many organizations also need to meet cyber insurance requirements, which increasingly mandate MFA, endpoint protection, backup verification, and incident response plans. SOC 2 applies if you handle sensitive third-party data. Dragonfish assesses which frameworks apply to your situation and builds governance that fits your size and risk profile.

How much does IT modernization cost for a small organization?

Costs vary significantly based on scope — the size of your organization, current state of infrastructure, and compliance requirements all factor in. Rather than publish ranges that may not apply to your situation, Dragonfish starts every engagement with a free discovery conversation and honest assessment. You will know exactly what you need, what it costs, and what can wait before committing to anything.

Working with Dragonfish

What industries do you serve?

Dragonfish specializes in three sectors: independent schools (K–12), nonprofits and foundations, and small to mid-size businesses (typically 10–150 employees). Deep experience in education and nonprofit environments means the practice understands FERPA, HIPAA, lean budgets, mission-driven culture, and the real constraints of small teams.

Where is Dragonfish located?

Based in the San Francisco Bay Area, with clients locally and remotely across the United States. Most work — strategy, governance, vendor management, cloud administration — is done remotely. For hands-on infrastructure projects, on-site work is available in the Bay Area or coordinated with local partners.

How do engagements typically start?

Every engagement starts with a free discovery conversation. No pitch, no pressure — an honest conversation about your challenges and whether there is a fit. If there is, the recommended first step is a focused engagement with a defined scope, timeline, and outcomes. Most organizations start with a Health Check or Security Audit, then progress to governance or implementation as needed.

Still have questions

A conversation is faster than a FAQ.

Share what your organization is dealing with. You will get an honest answer about whether there is a fit and what the practical next step looks like.

Start a conversation