Part 3 – Good Practices for Digital Security
Step 6: After focusing on vulnerabilities, it will be time to break the group into smaller ones that can “adopt” one of the vulnerabilities discussed in the previous exercise and propose creative solutions for it. To make it less overwhelming for less experienced participants, each group will be given a piece of paper including one solution proposal that can ignite conversation.
Step 7: At the end, the groups will be given 30 seconds to a minute to present their ideas to the rest of the group (while one of the facilitators takes notes and makes additions to what is reported back by the groups). Facilitators will float around the groups giving brief explanations and answering questions, and mostly promoting discussion among all the participants.
Step 8: It’s important that, as this activity progresses, facilitators explain the basics of each solution. Also, depending on the level of interaction and speed of the workshop, it may not be possible to cover all the proposals.
Some of the proposals considered most important to share are:
• Physical insecurity: Reduce the exposure of your organization's devices to strangers
• Physical insecurity: Use computer locks at your office and home
• Loss of information: Keep a backup somewhere other than your office or home
• Loss of information: Put someone in charge of everyone’s backups in your organization
• WiFi sniffing: Take down all the signs displaying the password of your WiFi
• WiFi sniffing: Change the password of your WiFi every couple of weeks
• Lack of encryption: Go to a cryptoparty in your city/come to workshop X
• Lack of encryption: Read Security in a Box on encryption
• Data and metadata requests from local/national governments: Work with digital rights organizations to find ways to protect yourself legally
• Data and metadata requests from local/national governments: Find out what the laws in your country say about the interception of communications
• International surveillance: Switch to secure services for search, mail, hosting and communications in general
• Password insecurity: Use long and complex passwords!
• Password insecurity: Use KeePass to remember the many passwords you should have
• Phishing: Think before you click (be mindful of where you put your login information)
• Using other people’s WiFi: Always log out
• Using other people’s WiFi: Tell us – what should you not be checking when you’re on someone else’s WiFi?
• Malicious software: Install anti-virus software and run it manually every week