10/29/2024 | News release | Distributed by Public on 10/29/2024 15:54
In August, NDI's Democracy and Technology (DemTech) team traveled to Honduras to provide three women's rights organizations in the Consorcio de Mujeres Unidas por Honduras (or Consortium of Women United for Honduras) tools and support to strengthen their digital security. Building digital resilience is essential for civil society organizations (CSOs) to operate safely and effectively. A compromised device, hacked email account, or sensitive information sent through unencrypted channels endangers the organization as well as the communities it serves.
Through a program co-implemented by NDI's Gender, Women, and Democracy team and the Latin America and the Caribbean team, DemTech conducted a full-day digital security training session. The joint training covered crucial topics, such as identifying phishing, securing accounts with two-factor authentication, avoiding malware, using end-to-end encrypted messaging, browsing the internet safely, preventing cyber attacks, and responding to online harassment.
To create an engaging and practical learning experience, DemTech incorporated interactive elements into the training. For example, periodic poll questions gauged participants' understanding and allowed them to share experiences and raise questions. Structured group discussions added another layer of practical application, with participants working together on scenarios such as encouraging their networks to use Signal (an encrypted messaging app) or disappearing messages for sensitive information. The DemTech team also helped the group identify phishing attempts and brainstorm digital security offboarding policies for departing staff.
Additionally, the DemTech training included opportunities for participants to set up two-factor authentication apps and download a trusted VPN, a virtual private network service that allows users to browse the internet more securely, building hands-on experience with these essential tools. As one participant from Centro de Estudio para la Democracia (CESPAD) noted, "all of the content is very useful, [but] I found the real-time tools [particularly] interesting." By the end of the joint session, all three groups expressed increased awareness and confidence in managing digital risks.
After the group session, DemTech dedicated individual time for each organization to discuss its specific challenges, such as secure data storage, website security, and account hacking. Highlighting the need for stronger protections, Foro de Mujeres Políticas de Honduras (FMPH) explained, "Honduras is a vulnerable country in digital security… this is one of the reasons why it is very important to implement more rigorous mechanisms to protect the data of women and other vulnerable populations with whom we work. We must prevent these populations from becoming victims of digital violence." Together, DemTech and FMPH explored more robust data storage and sharing policies.
Beyond technical solutions, DemTech emphasized creating a culture of security. Often, building team commitment to digital security requires a shift in organizational thinking and culture. With limited time and resources, prioritizing risks based on likelihood and impact can help organizations take realistic, actionable steps toward change.
When asked about shifts in their approach to digital security two months after the training, FMPH shared that "significant changes have taken place. Previously, this topic had been considered an important component, but after the training, it became a priority to the point of making immediate adjustments to the web page [and] taking certain security measures to safeguard the information we already had." They added that they "decided to create institutional email accounts. There are many changes. [Digital security] is now not just another issue but one of the most important ones."
While a one-day training and two-hour follow-up are impactful in raising awareness and building technical skills, lasting behavioral change requires continued support. To support this more sustainable organizational change, NDI connected the CSOs with a regional trainer to provide follow-up support on digital security and addressing tech-facilitated gender based violence (TFGBV). This follow-up included a training where participants took NDI's Think10 safety planning tool, a guide designed to safeguard women in politics and provide advice on how to enhance their personal security. NDI also shared tailored checklists with each organization to serve as a starting point for a digital security plan, help them track their progress, and continue to support their organizational security goals.
Digital security enables CSOs to better achieve their democratic goals at reduced risk of disruption or harm, including physical, reputational, or emotional harm. It's remarkable to see these three organizations quickly shift their objectives to include digital security, becoming both more knowledgeable and more confident in identifying and mitigating risks. When asked about the long-term impact of digital security on their organization, an FMPH representative reflected, "it contributes significantly since we handle sensitive information. In the long term, we are looking to implement more solid mechanisms to protect [our] information [and the data of] the populations we work with."
Author: Vanessa Revilla, Program Officer on the Democracy and Technology team
Related Stories/Resources:
Enabling Every Voice through Digital Security
Rapid Online Support for Women in Politics
###
NDI is a non-profit, non-partisan, non-governmental organization that works in partnership around the world to strengthen and safeguard democratic institutions, processes, norms and values to secure a better quality of life for all. NDI envisions a world where democracy and freedom prevail, with dignity for all.