IHRFG recently held a daylong training on digital security for funders, led by the Tactical Technology Collective. Following the event, we will share reflections from the grantmakers who came together to explore this question. Click here to read more lessons and join the conversation!
– Contributed by Isaac Kaijankoski, Manager, Workplace and HR Operations, The Christensen Fund
The most important takeaway for me from Beyond Passwords: Enhancing Digital Security for Human Rights Funders and Grantees is that digital security is a continuous process which nobody has perfected and which we all will need to continue improving. From the individuals I spoke to, it sounds like each organization is at a different stage in the process and each organization has unique needs which require a tailored approach. To further complicate this is the constantly changing nature of IT, technology, and security in general which necessitates this need for continuous evaluation and improvement. In short, nobody should feel inadequate in their approach or the status of their organization’s endeavors because the field is so rapidly evolving.
Another important and related takeaway is that there is no one technology or practice we can implement that will ‘solve’ this challenge. New practices and threats constantly emerge so that IT and program personnel need to constantly assess best practices to decide if there exist new measures to implement and/or traditional practices which are no longer relevant. In addition, organizational needs may evolve such that what worked before is no longer effective. This applies to the political and country-specific landscape as well.
In conclusion, digital security is a process, not a destination, and we should never cease assessing it and should never be satisfied or feel like we are ‘done’ implementing security measures. All departments and levels of the organization will need to be part of this process, and it should be mainstreamed as a systemic part of each organization’s management.