What protocols/programs should our organization and its members protect?
This is a list of protocols most movement activists use in their work, as well as possible secure software to install. We encourage you to visit each page description.
As an organization, you may well be using an office network. A network is not much more than a system of desktop computers and a central storage device. The instructions given in the articles below apply to every computer and device in your network.
(Note: Each entry will have a link to the specific article on that issue).
Phone
Individually, most of your staff will have their own computers and cellphones. Right now, cell phones are the most insecure communications protocol we use. It’s also probably the most popular. Please see the cell phone page for information on how to use more secure ways to send messages and make calls, encrypt your phone storage and avoid sending your data to Google and Apple.
Disk Encryption
If someone gets physical access (by theft or some other way) to your computer or phone, will they see anything you don’t want others to see? If so, you need to encrypt your hard drive. Encrypting your hard drive is more than just adding a login. It means the contents of the hard disk itself are encrypted so that nobody can read it without the password (including you if you lose it!). Follow these steps for iPhone, Android, Windows 8.1, Windows 10 , or Macintosh.
Password Manager
If you use the same password for every site and one of those sites is compromised, then attackers can use your password to access your information on any of the other sites. This happens all the time, particularly because too many of our passwords are easy to guess.
Make this a priority for your organization (across the network) and for individual activists. You should have a different password for every site you visit, and the passwords should be stored on your computer via a password manager. All you need to do is type in a master password (which your browser will request). Then you can visit all your sites without logging in and you are fully protected.
The Cloud
Cloud storage is a highly efficient way of storing data on a network of very powerful servers. It is among the most popular protocols for change movements. It is also a protocol that must be handled and planned carefully to protect your data. We have a article that explains the ins and outs of cloud storage and the impact it has on your security.
Database
As organizers we have a responsibility to protect the data we collect, especially if we are organizing in immigrant communities and among people of color, both of whom are increasingly vulnerable to state violence. Is our data safe in corporate databases like NationBuilder, whose CEO celebrates Donald Trump’s use of the service? Choosing a database involves more than ease of use, and each organization may have needs that are specific to that organization. We have some criteria to think about when choosing a database.
If you wish to protect your email, you should encrypt it. Encrypting email is not simple because it requires both the user and recipient to have encryption installed. Otherwise, the email is sent without encryption. This means keeping a “key list” up to date. This section on encryption explains it more fully.
There are many other security measures you can take. Depending on your organization’s profile, you may want to explore those. But as a start, the measures we have described above will greatly enhance your security.