Challenge
A nonprofit arts organization needed a way for board members and staff to securely access sensitive documents like meeting minutes, financial reports, and governance materials. The existing process relied on email attachments and shared drives, creating version confusion, security gaps, and no way to track who accessed what.
Solution
84EM built a custom WordPress plugin that provides two separate, secure document portals directly within the organization’s existing website. Board members and staff each have their own dedicated portal with role-based access control, passwordless login, and a categorized document library.
The system eliminates the need for third-party file sharing services while keeping everything managed within WordPress.
Key Capabilities
- Dual-portal architecture with separate board and staff document libraries, each with their own login page, access controls, and categorized document organization.
- Passwordless magic link authentication that sends single-use, time-limited login links via email, removing the password management burden for non-technical board members and staff.
- Secure file storage that moves documents outside the public web directory with hashed filenames, preventing direct URL access and requiring verified authentication before any download.
- Download audit logging that records every file access with user identity, document name, portal context, and IP address for governance and compliance tracking.
Results
Board members and staff moved from searching through email threads for the latest version of a document to accessing a single, organized portal. Version confusion was eliminated because documents exist in one authoritative location rather than as email attachments scattered across inboxes.
The passwordless login removed what would have been a significant adoption barrier. Board members who serve in a volunteer capacity and are often non-technical gained access through a simple email link rather than needing to create and remember another set of credentials.
The audit logging gave the organization visibility into document access for the first time. For governance and compliance purposes, the organization can now verify who accessed which documents and when – a capability that didn’t exist with the previous email-based distribution.
Administrators manage the entire system from within WordPress with no additional software licenses or third-party platforms required, keeping ongoing costs minimal for the nonprofit.
