October 17 2024 GM: Difference between revisions

Conexo: Organizational Security and Capacity Building From the Global South

• Date: Thursday, October 17
• Time: 9am EDT / 1pm UTC
• Who: Mario, Oriana and Fabian
• Facilitator: Mardiya
• Where: On TCU Mattermost "IF Square" Channel.
  • Don't have an account to the TCU Mattermost? you can request one following the directions here.

Join us on October 17 to hear from Mario, Conexo’s executive director; Oriana, the project coordinator; and Fabian, their technical coordinator, who will discuss:

• Conexo's work with different kinds of security interventions with at risk communities
• Capacity building and the Infuse project
• Integrating the psychosocial and physical aspects of security: what would you like to see?

Conexo is an organization that works with high-risk groups, providing diverse types of security support services, security audits, and training so that groups can effectively mitigate security risks. Their work includes supporting NGOs, LGBTQ+ networks, independent media, and human rights defenders. You can take a look at The Community Series post on Conexo: https://www.digitalrights.community/blog/community-series-conexo

What is Glitter Meetup?

Glitter Meetup is the weekly town hall of the digital rights and Internet Freedom community at the IF Square on the TCU Mattermost, at 9am EDT / 1pm UTC. It is a text-based chat where digital rights defenders can share regional and project updates, expertise, ask questions, and connect with others from all over the world! Do you need an invite? Learn how to get one here.

Notes

Can you tell us what Conexo does, and how it started, the locations and demographics you work in and with?

• We do several things at Conexo: we work with civil society organizations, independent media and journalists, LGBTQ+ organizations, and other at-risk communities to improve their security. We do capacity building on auditing and technical skills. We do guide development, and application development.
• We work mostly in Latin America, but recently we’ve been doing work in Europe as well.
• We started by realizing we could achieve more as an organization, after years of working as independent contractors, and we have!
• Everything on the website is and will continue to be free!

We were chatting with a journalist from Mexico yesterday and they mentioned that a lot of them need technical capacity building, not limited to security but including how to analyse geo-spatial data that shows pollution or know where to go find it in the first place, is this something you support folks with as well??

• Sometimes we do things similar to that, and we have a whole tech department led by @fabian that can accommodate. Not our main focus, but it has happened!

How do you usually support at risk groups and defenders, what kind of security interventions and projects have you done? Please share in detail?

• Big question! The standard intervention we do includes a security assessment/audit based on SAFETAG (https://safetag.org/), 8-10 weeks of training focusing on digital security, and accompaniment to implement security measures. This does have a digital focus but through a people+processes lens, and we’re integrating the psychosocial and physical aspects more and more.
• We also recently worked on the Infuse project, which recently launched the website! https://infuse.quest/
• We have several guides (in Spanish) https://conexo.org/guia+https://conexo.org/herramientas and https://conexo.org/elecciones

Can you go into more detail about the Infuse Project?? What is it?

• Infuse is a community-developed framework providing pathways for digital protectors (digital security trainers, technologists, auditors, etc.) to advance their knowledge and skill sets in areas of specialized technical expertise (STE).
• Infuse aims to make much-needed STE more widely available in contexts where at-risk communities need it the most, by upskilling protectors who already have established trust with these communities. This involves localizing expertise, as well as expanding accessibility to and increasing the diversity of providers of specialized digital security support.
• During 2024, we participated as the LATAM regional partner of INFUSE and served as mentors for multiple learners. We also helped with the development of the guides which you can find on the recently released website, in several languages: https://infuse.quest/en/

Do you need a certain level to be able to follow the courses they offer? And how do you find a mentor?

• If you have a basic digital literacy and willingness, you can probably jump in! The learning paths mention some of the assumptions, and include resources. You can also try to find a mentor to help!
• You can leverage some of your existing communities to find mentors, and https://infuse.quest/en/community specifically includes an email to [email protected] and a coalition of organizations will get that and try to help as well.

And how do you sustain the work that you do overall? How does it remain free beyond the costs to maintain it? Is there a secret recipe to all that?

• We have found no secret recipe for sustainability! Funding has always been a big challenge and many of us in the community have felt that increase as of late. We focus on the quality of our work, the strength of our relationships and planning ahead. Build capital reserves, be strategic around your work and projects, grow sustainably. Treat your staff as people and not only assets.

There are many folks here who work on supporting at-risk groups, what are some of the key lessons you have learned that has shaped your work? That is the type of projects you do, your support frameworks and approaches, etc. How long it take you to get to these lessons?

• Over these ten years we have learned some lessons:
  • We need to understand that most people and organizations in our space are overworked and underfunded, so we’re very flexible with time investment from their end and provide free tools or try to find donations for devices. We’re leaning towards longer-term and less intensive interventions so they can do their work.
  • Shorter-term interventions tend to have less impact, actually being there with the people implementing helps a lot.
  • Organizations have people at the core, so there is no techno-solutionism or cookie-cutter interventions.
  • A project ending doesn’t mean a relationship ends, so we continue to connect and help however we can.
  • We’ve learned over the years that if we really want to make an impact, security must also involve physical and psychosocial aspects.
  • Take care of yourself first before taking care of others. Sustainability includes you.

• The thing that has helped us the most involves connecting to people. That includes communities such as these:
  • Many Signal groups with close people
  • Team CommUNITY
  • The Safetag community
  • CiviCERT
  • Cosic
  • Many others

Are there any resources you would like to share? And how can the community reach you in case they are interested in collaborating or asking more questions about yourselves and the work you do?

• You can reach us at [email protected]
• Or directly at [email protected], [email protected] or [email protected].
• We all have mattermost users as well! @mario @oriana @fabian