Recommendations Checklist

WORK IN PROGRESS

The recommendations for your organisation are divided into Preparation and Conduct. The action items under Preparation will help you strengthen your digital security. The more items from this list you complete, the less at risk your organisation's staff are while using digital technologies at work or while carrying their devices with them. The items under Conduct aim to change the behaviour and mindset of the staff in your organisation so that they remain vigilant and make digital hygiene and security a personal habit.

For further details on the conventions of this reference, please visit help.

Preparation Checklist

For an explanation of the icons and columns in the tables below, please visit help.

The items starting with 🔒, 📱, 💻, 🖥️ are linked to the instructions. The items starting with 🔘 or ✅ are more detailed steps of the recommendation directly above them. For each set of 🔘s, only one needs to be completed; for the ✅s, you can complete as many as you want.

Authentication

DONE ITEM PRIORITY COMPLEXITY EFFORT COST
DONE 🔒 Strengthen your Password Habits ⭐⭐⭐⭐⭐ ⭐⭐ 🧑🧑🧑 🆓
DONE ✅ 1. Create Secure Passphrases - - - -
DONE ✅ 2. Install a Password Manager (Bitwarden) - - - -
DONE ✅ 3. Install the Bitwarden Extension for your Browser - - - -
DONE ✅ 4. Install Bitwarden on your Smartphone - - - -
DONE ✅ 5. Replace All Your Weak Passwords - - - -
DONE 📱 Create a PIN for your SIM ⭐⭐⭐ 🧑 🆓
DONE 📱 Configure your Lock Screen ⭐⭐⭐⭐⭐ 🧑 🆓
DONE ✅ 1. Use a PIN code to lock your phone - - - -
DONE ✅ 2. Turn off Biometrics - - - -
DONE ✅ 3. Turn on Lockdown - - - -
DONE ✅ 4. Set Autolock with a Short Delay - - - -
DONE ✅ 5. Disable Notifications on the Lock Screen - - - -
DONE ✅ 6. Add Emergency Contacts - - - -
DONE 🔒 Setup an Authenticator for Multi Factor Authentication ⭐⭐⭐⭐ ⭐⭐ 🧑🧑 🆓

Devices and Operating Systems

DONE ITEM PRIORITY COMPLEXITY EFFORT COST
DONE 📱 Automatically Download App Updates ⭐⭐⭐⭐⭐ 🧑 🆓
DONE 📱 Uninstall Unused Apps ⭐⭐⭐⭐ 🧑 🆓
DONE 📱 Review and Revoke App Permissions ⭐⭐⭐⭐⭐ ⭐⭐ 🧑🧑 🆓
DONE 📱 Decide how to Hide Your Apps ⭐⭐⭐⭐ ⭐⭐(⭐) 🧑🧑🧑 🆓
DONE 🔘 Remove Apps from the Drawer and Homescreens - - - -
DONE 🔘 Change the Icon and Name of your App - - - -
DONE 🔘 Put Apps into a Vault - - - -
DONE 🔘 Create Parallel or Decoy Apps - - - -
DONE 📱 Hide Your Documents and Photos ⭐⭐⭐⭐⭐ ⭐⭐ 🧑🧑 🆓
DONE ✅ 1. Ensure your storage is encrypted - - - -
DONE ✅ 2. Setup an Encrypted Vault - - - -
DONE ✅ 3. Selective Cloud Sync - - - -
DONE ✅ 4. Reduce the Amount of Data on Your Phone - - - -
DONE 💻-🖥️-📱 Archive or Destroy Your Data ⭐⭐⭐⭐⭐ ⭐⭐(⭐) 🧑🧑🧑/🏗️🏗️ 🆓-💵💵
DONE 🔘 Archive Files in Cloud Storage - - - -
DONE 🔘 Archive Files in Local Storage - - - -
DONE 🔘 Remove Archived Files - - - -
DONE 🔘 Archive Emails in Cloud Storage - - - -
DONE 🔘 Archive Emails in Local Storage - - - -
DONE 🔘 Remove Archived Emails - - - -
DONE 🔘 Archive Chat History - - - -
DONE 🔘 Remove Archived Chats - - - -
DONE 💻-🖥️-📱 Remove Identifying Markers ⭐⭐⭐ 🧑 🆓
DONE 💻-🖥️ Windows 10 - Split Admin & User accounts ⭐⭐⭐ 🏗️ 🆓
DONE 💻-🖥️ Windows 10 - Uninstall Unused Apps ⭐⭐ 🧑 🆓
DONE 💻-🖥️ Windows 10 - Prevent Startup Apps ⭐⭐ 🧑 🆓
DONE 💻-🖥️ Windows 10 - Block USB Ports ⭐⭐ ⭐⭐ 🧑 🆓
DONE 💻-🖥️ Windows 10 - Upgrade from Windows 7 or 8 ⭐⭐⭐⭐ 🧑 🆓
DONE 💻-🖥️ Windows 10 - Turn on Full Disk Encryption ⭐⭐⭐⭐⭐ 🧑 🆓

Applications

DONE ITEM PRIORITY COMPLEXITY EFFORT COST
DONE 📱 Setup Signal ⭐⭐⭐⭐⭐ 🧑 🆓
DONE ✅ 1. Install Signal - - - -
DONE ✅ 2. Setup Privacy Settings - - - -
DONE 📱 Setup a Secure Browser ⭐⭐⭐⭐ ⭐⭐ 🧑🧑 🆓
DONE ✅ 1. Install Brave or Firefox - - - -
DONE ✅ 2. Set Private and Secure DNS - - - -
DONE ✅ 3. Prevent Local Recording of Browsing History - - - -
DONE ✅ 4. Prevent Remote Recording of Browsing History - - - -
DONE ✅ 5. Add Security Extensions - - - -
DONE ✅ 6. Replace Google Search with DuckDuckGo - - - -
DONE ✅ 7. Set Advanced Privacy Settings - - - -
DONE ✅ 8. Remove or Disable Alternative Browsers - - - -
DONE ✅ 9. Set your Default Browser - - - -
DONE 💻-🖥️-📱 Setup Cloudflare WARP ⭐⭐⭐ ⭐⭐ 🧑🧑 🆓
DONE ✅ 1. 📱 Install & Connect to WARP - - - -
DONE ✅ 2. 💻/🖥️ Install & Connect to WARP - - - -
DONE 💻-🖥️ Setup a Secure Browser ⭐⭐⭐⭐ 🧑🧑 🆓
DONE ✅ 1. Install Brave or Firefox - - - -
DONE ✅ 2. Set Private and Secure DNS - - - -
DONE ✅ 3. Prevent Local Recording of Browsing History - - - -
DONE ✅ 4. Prevent Remote Recording of Browsing History - - - -
DONE ✅ 5. Add Security Extensions - - - -
DONE ✅ 6. Replace Google Search with DuckDuckGo - - - -
DONE ✅ 7. Set Advanced Privacy Settings - - - -
DONE ✅ 8. Remove or Disable Alternative Browsers - - - -
DONE ✅ 9. Set your Default Browser - - - -
DONE 💻-🖥️ Setup an Encrypted Vault ⭐⭐⭐⭐ ⭐⭐⭐ 🧑🧑 🆓
DONE 🔘 Install VeraCrypt - - - -
DONE 🔘 Encrypt Files with VeraCrypt - - - -
DONE 🔘 Encrypt Internal Drives with VeraCrypt - - - -
DONE 🔘 Encrypt External Drives with VeraCrypt - - - -
DONE 🔘 Install Cryptomator - - - -
DONE 🔘 Encrypt Cloud Drives with Cryptomator - - - -

Web Services

DONE ITEM PRIORITY COMPLEXITY EFFORT COST
DONE 🌐 Destroy Google Activity History ⭐⭐⭐⭐⭐ 🧑 🆓
DONE ✅ 1. Disable Tracking & Clear History: Web & App - - - -
DONE ✅ 2. Disable Tracking & Clear History: Location - - - -
DONE ✅ 3. Disable Tracking & Clear History: YouTube - - - -
🌐 Secure a Facebook Page ⭐⭐⭐⭐ ⭐⭐ 🧑🧑 🆓

Organisational Setup

DONE ITEM PRIORITY COMPLEXITY EFFORT COST
DONE 🌐 Setup Dedicated Work Email for Staff ⭐⭐⭐⭐⭐ ⭐⭐⭐⭐ 🏗️ 🔁💵💵💵
DONE 📱 Setup Dedicated Devices for Staff ⭐⭐⭐ 🏗️ 💰💰
DONE 📱 Register SIM cards for Staff ⭐⭐⭐ 🏗️ 🔁💵💵
DONE 🔒 Setup Bitwarden for the Organisation ⭐⭐⭐ ⭐⭐ 🏗️ 🔁💵💵
DONE 💻-🖥️ Install Microsoft Windows from a Trusted Source ⭐⭐⭐ ⭐⭐⭐ 🏗️🏗️ 💰
DONE 💻-🖥️ Install Microsoft Office from a Trusted Source ⭐⭐ ⭐⭐ 🏗️ 💵💵💵
DONE 🌐 Setup Google Workspaces for Staff ⭐⭐ ⭐⭐ 🏗️🏗️ 🔁💵
DONE 💻-🖥️-📱 Issue Yubikeys to Staff ⭐⭐ 🏗️ 💵💵

Conduct Checklist

Digital Hygiene and Practice

COMMITTED ITEM PRIORITY COMPLEXITY EFFORT COST
DONE 🔒 Practice Good Password Habits ⭐⭐⭐⭐⭐ 🧑 🆓
DONE ✅ 1. Exclusively use a Password Manager - - - -
DONE ✅ 2. Add New Accounts to Bitwarden - - - -
DONE ✅ 3. Be Mindful of Cameras and Watchful Eyes - - - -
DONE ✅ 4. Store Your Passphrase Offline - - - -
DONE ✅ 5. Only Securely Share Passwords - - - -
DONE ✅ 6. Perform Password Security Audits - - - -
DONE ✅ 7. Respond to Compromised PIN / Passphrases - - - -
DONE 🔒 Use Multi-Factor Authentication ⭐⭐⭐⭐ ⭐⭐ 🧑🧑 🆓
DONE 📱 Avoid Calling over Mobile or Landlines ⭐⭐⭐⭐ 🧑 🆓
DONE 📱 Voice Calls over E2EE Apps ⭐⭐⭐⭐⭐ 🧑 🆓
DONE 📱 Avoid Text Messages over SMS ⭐⭐⭐⭐⭐ 🧑 🆓
DONE 📱 Text Message over E2EE Apps ⭐⭐⭐⭐⭐ 🧑 🆓
DONE 💻-🖥️-📱 Regularly Confirm Your Preparation Setup ⭐⭐⭐⭐ ⭐⭐ 🧑🧑 🆓
DONE ✅ 1. Set Digital Security Checkup Reminder - - - -
DONE ✅ 2. Confirm Your Lock Screen Settings - - - -
DONE ✅ 3. Confirm Your Apps Automatically Update - - - -
DONE ✅ 4. Uninstall Unused Apps - - - -
DONE ✅ 5. Revoke Unnecessary App Permissions - - - -
DONE ✅ 6. Maintain Decoy Apps - - - -
DONE ✅ 7. Archive Your Data - - - -
💻-🖥️ Safely Delete Files (Unrecoverable) ⭐⭐⭐⭐ 🧑 🆓

Applications

COMMITTED ITEM PRIORITY COMPLEXITY EFFORT COST
DONE 📱 Install Apps From Trusted Sources ⭐⭐⭐⭐ 🧑 🆓
DONE 📱 Safely take Photos ⭐⭐⭐ 🧑 🆓
DONE 📱 Safely use Signal ⭐⭐⭐⭐⭐ 🧑🧑 🆓
DONE ✅ 1. Secure Individual Chats - - - -
DONE ✅ 2. Secure Group Chats - - - -
DONE ✅ 3. Delete Everything in case of Emergency - - - -
DONE ✅ 4. Blur Faces and View Once Media - - - -
DONE ✅ 5. Review Linked Devices - - - -
DONE ✅ 6. Use Safety Number Feature - - - -
DONE ✅ 7. Verify Contact Safety Numbers - - - -
DONE ✅ 8. Taking Care Not to Send SMS - - - -
📱 Safely use WhatsApp ⭐⭐⭐ 🧑 🆓
📱 Safely use Messenger ⭐⭐⭐ 🧑 🆓
DONE 💻-🖥️-📱 Browse with Brave or Firefox ⭐⭐⭐⭐⭐ 🧑 🆓
DONE 💻-🖥️-📱 Connect to Cloudflare WARP ⭐⭐⭐⭐ 🧑 🆓
DONE ✅ 1. Switch between 1.1.1.1 and WARP - - - -
DONE ✅ 2. Exclude Specific Apps - - - -
DONE ✅ 3. Block Malware - - - -
DONE 💻-🖥️ Manage sensitive files in VeraCrypt ⭐⭐⭐⭐⭐ ⭐⭐ 🧑 🆓
DONE 💻-🖥️-📱 Do not use Dingtalk ⭐⭐⭐⭐⭐ 🧑 🆓

Web Services

COMMITTED ITEM PRIORITY COMPLEXITY EFFORT COST
💻-🖥️-📱 Safely host Zoom ⭐⭐⭐ 🧑 🆓
🌐 Safely use Email ⭐⭐⭐⭐ 🧑 🆓
🌐 Safely use Office 365 ⭐⭐⭐⭐ 🧑 🆓
🌐 Safely use Google Drive ⭐⭐⭐⭐ 🧑 🆓