Human Rights Defenders / IHRFG Events

IHRFG’s 2015 San Francisco Institute: Digital Security: A Process, Not a Destination

IHRFG recently held a daylong training on digital security for funders, led by the Tactical Technology Collective. Following the event, we will share reflections from the grantmakers who came together to explore this question. Click here to read more lessons and join the conversation!

– Contributed by Isaac Kaijankoski, Manager, Workplace and HR Operations, The Christensen Fund

Institute image

The most important takeaway for me from Beyond Passwords: Enhancing Digital Security for Human Rights Funders and Grantees is that digital security is a continuous process which nobody has perfected and which we all will need to continue improving. From the individuals I spoke to, it sounds like each organization is at a different stage in the process and each organization has unique needs which require a tailored approach. To further complicate this is the constantly changing nature of IT, technology, and security in general which necessitates this need for continuous evaluation and improvement. In short, nobody should feel inadequate in their approach or the status of their organization’s endeavors because the field is so rapidly evolving.

Another important and related takeaway is that there is no one technology or practice we can implement that will ‘solve’ this challenge. New practices and threats constantly emerge so that IT and program personnel need to constantly assess best practices to decide if there exist new measures to implement and/or traditional practices which are no longer relevant. In addition, organizational needs may evolve such that what worked before is no longer effective. This applies to the political and country-specific landscape as well.

In conclusion, digital security is a process, not a destination, and we should never cease assessing it and should never be satisfied or feel like we are ‘done’ implementing security measures. All departments and levels of the organization will need to be part of this process, and it should be mainstreamed as a systemic part of each organization’s management.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s