NGO staff gather, create and use a wide variety of information and data in the course of their work. While most organisation’s strive for openness and transparency, these principles need to be balanced with the need to protect certain information and data. For example, personnel files, staff movement plans, financial procedures, beneficiary lists, or information on political developments may be sensitive or confidential in certain contexts. Such information in the wrong hands may expose an organisation, and its staff, partners and beneficiaries, to threats from the authorities, armed groups or criminals.
As digital or technology-based risks continue to evolve, staff should remain aware of the various threats that exist and adapt their online behaviour to mitigate risks to themselves, colleagues and their organisation. Individuals are often the weakest link when it comes to their own digital security.
All staff need to be security-conscious when collating, storing, communicating and disposing of sensitive information.
Digital security risks should be highlighted as a specific component of your security plan and all staff should be advised on how to protect themselves and the information they are working with in their specific location.
Resources & Tools
- GISF Security to Go - Module 4: Digital security - pdf0.13 MB
- GISF Security to go - Module 9: Communications and information security - pdf0.11 MB
- Disaster Ready/GISF Mobile Guides - Security Risk Management Toolkit: Digital Security - pdf0.94 MB
- ACT Alliance - Digital Security Guidelines - pdf1.91 MB