❮

Know How

❯

Digital Communication Security

Key to Success and Challenges

Key To Success

Set up a team within the organisation responsible for the security strategy plan.
Review your personal security, think about yourself and your connections, including your family.
Share experiences of cases where you felt threated or at risk. Sometimes similar cases may indicate a moment for increased attention.

Challenges

Don’t give up, behaviour change take time. Establish implementation plans that will be put in place over the long term.
Talk to the team about the need for group precautions. Individual security and that of the organisation depend on the collective.

Digital Communication Security

Introduction

Digital security consists of a series of measures to protect information from possible attacks, thereby maintaining the integrity of an organisation’s communication and digital files. These measures are undertaken through a group process, involving many people at different levels of communication.

Why

"; This material is useful for an organisation which:

Wants to construct a more secure communications network between its contacts;
Sees the need for behaviour change to protect itself;
Produces content and data that must only be known to the organisation;
Values the security of its team and resources;
Seeks autonomy of information exchanged between everyone.

What you can expect

A step-by-step guide on how to activate digital security strategies for integrated protection and a brief overview of how the internet functions in order to understand the pathways digital information takes, contextualizing the importance of security of information linked to concepts of surveillance and privacy. Here, you will also obtain knowledge of certain tools to construct a digital security protocol.

Step 1: Establishing Needs

There are four steps for constructing a secure digital environment: Classify – Reduce – Fortify – Create Networks. These steps are key to improved data security. In this toolkit, we'll guide you through them. But start with this:

Assess the need to establish more secure channels of communication to share specific information between organisation members.
Obtain details about current communications and how data management takes place in order to reflect on whether there may be security gaps in these processes.
Have you experienced any type of attack on your social networks or the organisation’s e-mails? If you have, now is a good time to reassess your digital security.

Watch this excellent short video by WACSI about the importance of digital security for civil society organisations:

[embed_yt id="8E1pJs1-d2c"]

Step 2: Classification

There is both our information and that of our organisation, which cannot ever be exposed! What are the first five vulnerable sources of information that come to mind? Try listing them to identify where they are stored. Use the strategy model below. The video explains the connection between data storage and power.

Strategy model:
[downloadbutton type:XLS size="m" url="https://www.changethegameacademy.org/wp-content/uploads/2020/02/ING-modelo-estrategias.xlsx" ]Strategy model [/downloadbutton]

[embed_yt id="kwEqqh7MWrU"]

Step 3: Reduction

Is it really necessary to keep all our information, or does this make us vulnerable? Some data may be deleted or hidden. We have to classify which content is a “friend” or an “enemy” of our security. In the case of publications on social networks, some key words are easily located by malicious groups.

Take your list from Step 2 and try to analyse which information may be deleted or hidden. Pay attention to the information that needs to be maintained and replicated in backup copies.

Step 4: Fortification – start with passwords

Data surveillance may take place through the loopholes we leave along the way. You can use tools and strategies to make it difficult for people to monitor you. It is important to remember that security is a group process and it may take time to implement a number of tools and strategies.

Strengthen your passwords: One important feature of fortification is having strong passwords for accessing services, we recommend:

long passwords, think of a phrase that is not very obvious or connected to you
use upper and lower case, numbers and symbols
ones that can be frequently changed and are unlike others
store these securely in an encrypted database, you could use a programme such as KeepassXC.

Another important aspect is linked to two-factor authentication for accessing social networks, such as:

Facebook

[downloadbutton type=url url="https://www.facebook.com/help/148233965247823"]two-factor authentication Facebook[/downloadbutton]

[downloadbutton type=url url="https://faq.whatsapp.com/en/android/26000021/"]using two step verification Whatsapp[/downloadbutton]

Instagram

[downloadbutton type=url url="https://help.instagram.com/566810106808145" ]what is two step verification Instagram[/downloadbutton]

Twitter

[downloadbutton type=url url="https://help.twitter.com/en/managing-your-account/two-factor-authentication" ]two-factor authentication Twitter[/downloadbutton]

Step 5: Fortify your communication using encrypted chat

It is important for our private communications to remain private, which is why we recommend using end-to-end encryption with a reliable app.

Install and use Signal

[downloadbutton type=url url="https://signal.org"]Signal[/downloadbutton]

Step 6: Fortify the security of your online meetings

We recommend using secure and open source* applications, such as meet.jit.si.

On a cell phone, download the app, create a room, then share the address.
On a computer, access meet.jit.si changing “room name” to a name of your choice.

Then simply share the address. Try to hold an online conversation with someone using this tool.

*open source software means the source code is freely available to users

Step 7: Fortify browsing through a VPN network

Use a VPN (virtual private network) programme to establish an encrypted connection in public networks (squares, airports, hotels, etc.), so as not to reveal your identity to the sites you visit. VPN accesses your connection from another country and may also be used to bypass potential site blockages due to local censorship.

It is extremely important to use trusted VPNs; we recommend:

Riseup

[downloadbutton type=url url="https://riseup.net/"]Riseup[/downloadbutton]

TunnelBear for iPhone

[downloadbutton type=url url="https://www.tunnelbear.com"]TunnelBear for iPhone[/downloadbutton]

Install the app and try to locate your IP address:

Install and use the app

[downloadbutton type=url url="https://whatismyip.network/"] What is my IP network[/downloadbutton]

Step 8: Create networks – never be alone

In any defence activity, it is important to establish who will be in your support network. List who will be in this network and why. The idea is to sit down with your team and consider all possibilities together. Responsibility for a secure environment has to be shared with everyone.

REMEMBER: security is also about the construction of a support network!

Key To Success

Set up a team within the organisation responsible for the security strategy plan.
Review your personal security, think about yourself and your connections, including your family.
Share experiences of cases where you felt threated or at risk. Sometimes similar cases may indicate a moment for increased attention.

Challenges

Don’t give up, behaviour change take time. Establish implementation plans that will be put in place over the long term.
Talk to the team about the need for group precautions. Individual security and that of the organisation depend on the collective.

Print the step-by-step-guide

❮

❯

Know How

Tools

Related Toolkits

❮

❯