Security, in all its forms, is critically important for safely using DemTools. While web based technologies can be empowering for civic organizations, governments and political parties, they can also provide new forms of risk to these organizations and the citizens trusting them with their information.
The personal information of people and internal governmental reports should remain confidential. For credibility to function in a democratic society, election data or compilations of citizen complaints must be free of manipulations and spam. Public platforms giving voice to those at risk of censorship must be kept accessible despite attempted censorship via hacking or denial-of-service attacks.
“NDI pledges to communicate proactively with DemTools users to alert them of potential threats or exploits and will publicly share information about security risks that have been discovered."
Security is a Team Effort
NDI has performed a holistic risk assessment to assess how best to protect the users of DemTools and engage security professionals in the auditing and assessment of the system. It is important to recognize that all security systems have flaws, and while NDI exercises due diligence, there is always the risk of a new vulnerability being exploited. As such, we encourage everyone, particularly security experts who want to have an impact on global civil society, to support this effort and responsibly disclose their suggestions for improvements in the DemTools programs. We are grateful for community feedback and are committed to rapidly addressing security gaps that are identified.
NDI pledges to communicate proactively with DemTools users to alert them of potential threats or exploits and will publicly share information about security risks that have been discovered. Furthermore, uncovered issues and vulnerabilities in the various open source projects in the DemTools suite will be shared with core team members upstream to better protect all users of our open-source comunitities.
Ultimately, security is a shared responsibility and users must feel empowered to do their part. For this reason, NDI encourages individuals in the DemTools community to practice good digital hygiene including: using strong passwords, responsibly sharing access to webapps, and performing regular software updates on their own computers – these are all elements that impact the safety of everyone.