Top Digital Security Tips for Civil Society Activists

Civil society activists face unique challenges in today’s interconnected digital landscape, and from my experience working with activists, journalists, and W/HRDs across the MENA region, I can tell you that online security is one of the most pressing challenges they face. Activists are often targeted specifically for their advocacy actions and initiatives, making it critical to adopt a set of robust digital safety practices. In this introductory blog post, I’ll be sharing some key tips—drawn from the capacity-building programs I’ve delivered since 2018—to help activists enhance their digital security and protect their personal and organizations’ digital assets.

1. It Starts with Strong, Unique Passwords

Just like a fortress needs a sturdy gate, your online accounts require strong, unique passwords to keep intruders out. This is something I always emphasize in my Cybersecurity training sessions: craft passwords that are not easily guessable and use a combination of letters, numbers, and symbols. Additionally, make sure you always enable two-factor authentication (2FA) whenever the option is available—this extra layer of protection can significantly reduce hackers’ attempts to compromise your accounts and keep your sensitive information safe.

Here’s a critical tip from my work with CSOs: avoid using the same password for multiple accounts (I’ve seen too many cases where one compromised password led to multiple accounts being breached). Instead of saving your passwords in the browsers you use, start using password managers like LastPass or Bitwarden—they’re game-changers for managing your digital security efficiently. (You can find a comparison between the two to help you choose what works best for you).

2. Think Twice Before Sharing Information Online

Sharing is caring, but not everything is meant for public consumption—this is something I learned through years of working with activists who faced surveillance and targeting. As an activist, you need to be mindful of what you post on social media and other online platforms. Avoid sharing personal information, location data, or details about your activism that could jeopardize your online and offline safety or that of others in your network. From my experience, even seemingly innocent information can be pieced together by those monitoring your activities.

3. Use Encrypted Communication Tools

In digital spaces, conversations can be intercepted, but you can shield your communications with encrypted tools—something I always recommend in my Digital Security workshops. Apps like Signal or WhatsApp (with end-to-end encryption enabled) act like virtual secure vaults, ensuring that only you and your intended recipients can access the messages. This allows you to communicate freely and securely about sensitive topics without fear of surveillance. For activists working on sensitive issues (which I’ve supported throughout my work at the Innovation for Change MENA Hub), this isn’t just a best practice—it’s essential.

4. Protect Your Online Presence with a VPN

A Virtual Private Network (VPN) works like a digital shield, masking your online activity by routing your internet connection through a secure server. This keeps your location and identity hidden from prying eyes—whether that’s governments, internet service providers, or malicious actors. From my work with activists across the region, I’ve seen how VPNs can be critical tools for accessing blocked content and protecting your digital footprint, especially in contexts where internet freedom is restricted. (You can check reviews of the best VPNs of 2024 to find one that fits your needs and budget).

5. Safeguard Your Work: Back Up Your Data Regularly

Life happens, and sometimes devices get lost, stolen, or confiscated—I’ve supported activists who lost years of work because they didn’t have backups. Don’t let your important files and documents vanish! Make it a habit to regularly back up your data to cloud storage or an external hard drive. These serve as your safety net, ensuring your work remains accessible even if something happens to your primary device. (For online cloud storage services, you can check reviews on the best options available, keeping in mind both security and accessibility for your specific context).

6. Stay Updated: Security Patches Are Your Friends

In the digital world, staying up-to-date is crucial for keeping cyber threats at bay—this is something I emphasize in every training I deliver. Regularly update your devices and software with the latest security patches and updates. These updates fix vulnerabilities that hackers actively exploit, and ignoring them is like leaving your door unlocked. Set your devices to update automatically if possible, so you don’t have to remember to do it manually.

A Final Word on Digital Safety

Remember, no one can guarantee complete 100% digital safety—and I’m always honest about this with the activists and CSOs I work with. However, following these basic steps and measures can significantly reduce the risks of digital threats and ensure that activists can continue their important work with greater confidence and security. These practices, combined with ongoing learning and awareness (something I try to promote through resources like AmanRaqmy.org), can make a real difference in protecting yourself and your community.

Stay safe, stay vigilant, and keep doing the important work that makes our societies more just and inclusive. Your security matters, and investing time in these practices is investing in the sustainability of your activism.