The Association for Progressive Communications (APC) has developed a series of briefings to help those working on-line improve the security of their computer and on-line communications. The briefings were developed as part of a project aimed at improving the on-line security of computer users such as journalists and human rights workers. But the content of the briefings is relevant for all those working on-line.
An Introduction to the ‘Participating With Safety’ Project
Computers are a very useful tool to assist people’s work. They not only help with writing, graphic design and publishing information, they are increasingly becoming an essential communications tool as part of computer networks and the Internet.
But the reliance people have on computers is also a weakness. This weakness, and the ways of working around the problems computer technology can create, must be understood by those using computers. Through the understanding of the weaknesses of the way computers and computerised communications work we can take steps to protect our work, our security and our privacy.
There are many different aspects to using computers securely: You can set-up the computer to run more securely and reliably; Using access controls, such as passwords, you can prevent disclosure of information; By organising the information on the computer, and keeping regular copies, you can prevent the loss or corruption of information; and Using various means, you can secure your use of the Internet, and prove the authenticity of your communications.
Using computers more securely is a mixture of learning a little more about how the computer works, and undertaking certain tasks on a regular basis. The vast majority of the risks to your use of your computer come from mistakes in your own use or storage of information, or from the failure of the equipment it is stored on. Surveys in industries dependent on computer technology have found that 75% of data losses are due to internal errors, not from external factors such as computer viruses or deliberate damage. You don’t have to organise your information according to a strict formula. But it must be done in a way that everyone who needs to use it understands how data is stored and used. It’s also important to organise things to make it easier to keep copies of information, and to store those copies in such as way that they cannot be damaged or destroyed.
The other issue to deal with are the external threats to your work and computerised information. This comes from a variety of sources. There are the everyday risks from bad software and computer viruses. But increasingly we are becoming subject to directed risks; this can be the intrusion by the state or corporations who seek to frustrate or prevent our work taking place, or those seeking to defraud or steal information or computer equipment. The careful management of information, and the use of access controls to data and equipment, can help reduce the impacts of any attacks on you or your organisation. But it is important to realise that you can never completely prevent damage or data loss from external influences.
Overall, the purpose of these briefings is to help you make a qualitative improvement to the security of your computer and communications.
Variously formated (html/pdf/doc) briefings include:
- Introducing Information Security
- Backing-up Information
- Living Under Surveillance
- Passwords and Access Controls
- Using Encryption and Digital Signature
- Computer Viruses
- Using the Internet Securely