You are browsing the archive for charity data.

Safety for Civil Society Organizers

- October 16, 2014 in charity data, Information, security

The engine room

This post was written by Alix Dunn, the co-founder and creative lead at the engine room. The engine room investigates and supports the use of technology in advocacy.
Last week, School of Data asked us to put together a few tips for civil society organizations who want to improve their security practices and keep their communities and operations safe. This post is for organizations who are trying to wrap their heads around how to begin to address information security risks.   To be clear, the steps an organization can and should take are as diverse as the contexts they work in. If you are a team fighting corruption in an authoritarian state, have poor internet connectivity, face frequent power cuts, and run large scale data projects, you will obviously have different security needs than a team fighting to increase the amount of open data made available to constituents in a Global North country. Security risks and ‘mitigation tactics’ (read: ways to protect yourself) concern all aspects of work: staff size, organizational resources, office infrastructure, technical know-how of staff, types of services the team uses, current practices, past threats and attacks, and more.   To address security concerns it is smart and often necessary to have the support of an experienced security trainer who can help you determine the best course of action. If you are worried about your security, please contact a support organization that you have a relationship with and ask them to point you to a security support organization. But here are a few general tips for starting to understand your security situation.  
  1. Understand what you have. This might seem obvious, but lots of organizations and teams collect so much information (emails, documents, financial information, spreadsheets, publications, mailing lists, etc.) that often times they don’t know what information they have. Try making as exhaustive a list as you can (and don’t forget physical documents!). Work through the list, and tag by sensitivity (1 being the least sensitive, 5 being super top secret), and importance for operations (1 being we could easily work without it, 5 if we lost it we’d be lost ourselves). With this list, you have a better understanding of what you have. Also remember, that this list is also a piece of information that is both sensitive and important for operations!
  2. Protect what you have from loss and unauthorized use. For things that are most sensitive, precautions should be taken to protect the information. Protecting information means limiting access to only people in the organization that need it, and putting systems in place so that the information cannot be easily accessed by those who are not granted permission. If information is rated as highly important for operations, make sure it is backed up regularly and that the backups are not stored in the same environment (and perhaps not even in the same country) as the originals.
  3. Only collect and save what you need to. If something is highly sensitive and not important for the organization, then you might have a problem collecting too much information that you don’t need. Use that information (about how you are collecting extra information that can only do you harm) to encourage more responsible data collection. If you don’t need it, don’t collect it. And if you already collected it and don’t need it, get rid of it. Got a list of names and personally identifiable information about participants from a workshop you did three years ago? Get rid of it!
  4. Promote individual learning within the organization. The security practice of each member of the organization affects the team as a whole. Provide opportunities and share information about improving security practices in the way that each individual uses digital tools and information. If you have regular learning opportunities for your team, make sure that security training is on offer. For example, if someone is accessing email related to sensitive work on their phone, provide guidance and training on how to make sure the information and the phone are protected.
  5. Identify people in your organization as future security heroes. Learning about, and pushing for, better security practices isn’t for everyone. Find people who are keen to learn more about how to protect information and encourage better security practices for the team. Provide professional development opportunities for them and once their skills are developed, trust them when they say something is important.
  Some resources to check out if you want to read more about practical steps:       flattr this!

A Weekend of Data, Hacks and Maps in Nigeria

- September 16, 2014 in charity data, Data Cleaning, Data Expeditions, event, Mapping, maps, School_Of_Data, spreadsheets, visualisation

It was another weekend of hacking for good all around the world, and Abuja, Nigeria was not left out of the weekend of good, as 30 participants gathered at the Indigo Trust funded space of Connected Development [CODE], scraping datasets, brainstorming creating technology for good, and not leaving one thing out – talking soccer (because it was a weekend, and Nigeria “techies” love soccer especially the English premiership).
Participants at the Hack4Good 2014 in Nigeria

Participants at the Hack4Good 2014 in Nigeria

Leading the team, was Dimgba Kalu (Software Architect with Integrated Business Network and founder TechNigeria), who kick started the 3 day event that was built around 12 coders with other 18 participants that worked on the Climate Change adaptation stream of this year #Hack4Good. So what data did we explore and what was hacked over the weekend in Nigeria? Three streams were worked :
  1. Creating a satellite imagery tagging/tasking system that can help the National Space Research Development Agency deploy micromappers to tag satellite imageries from the NigeriaSat1 and NigeriaSat2
  2. Creating an i-reporting system that allows citizen reporting during disasters to Nigeria Emergency Management Agency
  3. Creating an application that allows citizens know the next water point and its quality within their community and using the newly released dataset from the Nigeria Millennium Development Goal Information System on water points in the country.
Looking at the three systems that was proposed to be developed by the 12 coders, one thing stands out, that in Nigeria application developers still find it difficult to produce apps that can engage citizens – a particular reason being that Nigerians communicate easily through the radio, followed by SMS as it was confirmed while I did a survey during the data exploration session.
Coders Hackspace

Coders Hackspace

Going forward, all participants agreed that incorporating the above medium (Radio and SMS) and making games out of these application could arouse the interest of users in Nigeria.  “It doesn’t mean that Nigerian users are not interested in mobile apps, what we as developers need is to make our apps more interesting” confirmed Jeremiah Ageni, a participant. The three days event started with the cleaning of the water points data, while going through the data pipelines, allowing the participants to understand how these pipelines relates to mapping and hacking. While the 12 hackers were drawn into groups, the second day saw thorough hacking – into datasets and maps! Some hours into the second day, it became clear that the first task wouldn’t be achievable; so much energy should be channelled towards the second and third task.
SchoolofData Fellow - Oludotun Babayemi taking on the Data Exploration session

SchoolofData Fellow – Oludotun Babayemi taking on the Data Exploration session

Hacking could be fun at times, when some other side attractions and talks come up – Manchester United winning big (there was a coder, that was checking every minutes and announcing scores)  , old laptops breaking (seems coders in Abuja have old  ones), coffee and tea running out (seems we ran out of coffee, like it was a sprint), failing operating systems (interestingly, no coders in the house had a Mac operating system), fear of power outage (all thanks to the power authority – we had 70 hours of uninterrupted power supply) , and no encouragement from the opposite sex (there was only two ladies that strolled into the hack space).
Bring on the energy to the hackspace

Bring on the energy to the hackspace

As the weekend drew to a close, coders were finalizing and preparing to show their great works.  A demo and prototype of streams 2 and 3 were produced. The first team (working on stream 2), that won the hackathon developed EMERGY, an application that allows citizens to send geo-referenced reports disasters such as floods, oil spills, deforestation to the National Emergency Management Agency of Nigeria, and also create a situation awareness on disaster tagged/prone communities, while the second team, working on stream 3, developed KNOW YOUR WATER POINT an application that gives a geo-referenced position of water points in the country. It allows communities; emergency managers and international aid organizations know the next community where there is a water source, the type, and the condition of the water source.
(The winning team of the Hack4Good Nigeria) From Left -Ben; Manga; SchoolofData Fellow -Oludotun Babayemi; Habib; Chief Executive, CODE - Hamzat

(The winning team of the Hack4Good Nigeria) From Left -Ben; Manga; SchoolofData Fellow -Oludotun Babayemi; Habib; Chief Executive, CODE – Hamzat

Living with coders all through the weekend, was mind blowing, and these results and outputs would not be scaled without its challenges. “Bringing our EMERGY application live as an application that cuts across several platforms such as java that allows it to work on feature phones can be time consuming and needs financial and ideology support” said Manga, leader of the first team. Perhaps, if you want to code, do endeavour to code for good!   flattr this!