Securing ChΔnge

Security Services for Change Agents

logo

Securing Change offers security services, consulting, and information for organizations that foster social good, such as non-profits, NGOs and B-Corps. We believe that digital security should not be limited to those who can afford it — organizations that initiate social change should have the same amount of digital security as large, well-funded organizations. We aim to help organizations in a number of ways: educating them about easy-to-implement solutions as well as providing consultants for urgent and non-urgent security needs. Please contact us if you are interested in our services.

Follow us on Twitter @securingchange and Tumblr.

About

Why is information security critical to philanthopy?

Granting organizations are investing in social good and our mission is to help them protect those investments. Organizations need to have assurance that the security practices and technologies that they implement provide adequate security necessary to protect their mission, systems, and information.

Services

Securing Change offers 3 different types of services:

Email us at request@help.securingchange.org to request volunteer help.

  • Website Security

    We back up the website's source code into a repository that can show a history of the changes made. Our service protects against drive by downloads, watering hole attacks, and web shells. We scan web content and look for malicious iframes, shells, and obfuscated javascript injected by attackers to track and infect your website visitors. Our volunteer staff will help assess where the infection exists in your web content and the best way to remediate the security flaw that allowed the attacker to infect your content.

  • End Point Security

    We analyze the configuration of all of an organization's pool of desktops and mobile devices and make recommendations based on information security best practices. This service is provided by certification organizations as a part of their recertification test.

  • Incident Response

    Our volunteer team of security experts will help prepare your organization to withstand a digital attack by identifying the most vulnerable areas of your operation. During an attack volunteers will help your organization contain and eradicate the attackers and recover digital assets. After the attack, our team will analyze the how the attack occurred and help better prepare your organization for the next attack.

Securing Change helps protect the integrity of information systems by providing security solutions, standards, testing methods, and checklists covering basic procedures for safe computing.

Organizations need information security tools and practices and resources even when outsourcing and using cloud computing or external email systems.

For example: what do organization's day-to-day operations have in common with email or Internet access? If core business systems are done on the same computer, with email and general web access, the organization may want to think more about computer security information such as payroll records or other proprietary information about members or donations or other stored data.

A system breach could impact the organizations reputation, plus it could have extensive recovery costs. The organizations that recognize the risk of computer threats and take steps to deter inappropriate activities will be much less likely to become a victimized. Securing Change is able to provide resources to assist.

Resources

Information Security Resources

Checklists

Team

Oliver Day

Oliver Day is an information security professional and has consulted for many Fortune 100 companies in the last ten years. He has developed security audits to detect vulnerabilities in computers remotely, performed penetration tests, and architected security through analysis of engineering designs. His information security pedigree includes tenure at companies such as eEye Digital Security, @stake, Symantec, Rapid7, StopBadware and Akamai.

Oliver is also deeply fascinated by urban farming and has a thriving herb garden. He likes to study the applications of biostatistics and epidemiological models to predict the spread of computer disease. He is also an avid student of Mandarin and international relations issues in Asia. He lives with one very happy and slightly chubby cat.

Dharmishta Rood

Dharmishta Rood is the Accelerator Manager at Code for America. Previously she was a researcher at Harvard Business School, a research fellow in Psychology at Harvard, and a fellow at MIT Media Lab's Center for Civic Media. She has worked for numerous organizations, conducting research about technology for startups, large organizations and universities. She believes technology can facilitate positive change in the world.

Melissa Choi

Melissa is an associate computational biologist at the Broad Institute of MIT and Harvard and former Beckman Scholar at Boston University. She is the co-founder and COO/CFO of STEMid, a socially-minded startup that seeks to connect students to science internships. She is meticulous and deals with all paperwork and finances, taking a leaf out of her own habits as a published researcher who keeps a disturbingly neat lab notebook. Every now and then, she pings the team on progress updates and holds everyone accountable.

Yan Zhu

Yan (MIT '12, B.S. Physics) likes information freedom, the right to privacy, theoretical physics, cryptography, free software, and an Internet that respects humans. She is a Staff Technologist at the Electronic Frontier Foundation, a developer of SecureDrop under the Freedom of Press Foundation, and formerly a security engineer at Hackpad. She had a National Science Foundation Graduate Fellowship at Stanford for 4 months before dropping out of the Physics PhD program.

Contact

If you are interested in any of our services contact us via email, phone, or twitter.

requests@securingchange.org
501-INFOSEC (501-463-6732)
@securingchange