Humanitarian organisations operate under conditions that create unique information security challenges. Operating across borders to provide services in disaster areas and conflict zones highlights information security threats and threat actors. The experiences of the International Committee of the Red Cross (ICRC) provide insight into the difficulties and trade-offs faced by multinational, multi-stakeholder organisations.
Researchers Le Blond et al interviewed 27 ICRC field workers, IT staff, lawyers, and managers. Those interviews together represented over 250 years of experience in humanitarian field work, data protection, and management. The responses provided a view of the information security challenges in terms of the individual, organization and the law.
The operations of the ICRC are affected by the vulnerability of their beneficiaries, as they are often unable to safely access technology. This can be unavoidable, as the need for collaboration often requires sharing of data in some form. There is also the threat of coercion of employees by violent or other means, on top of the difficulties of providing physical security for operations located in hostile environments. The safeguards put in place much as possible consider these factors. Measures such as local encryption and offsite storage of data, data access limitations and procedural controls are all used to minimize risk. Further, there are legal factors to consider as there are restrictions on data sharing across jurisdictions. Present loopholes in legal safeguards and regional legal immunities and pressures that need to be considered when designing safe systems and policies. This complexity requires that the ICRC is careful when collecting data, being sure to understand data in terms of its type and sensitivity to ensure it is properly handled. Risk mitigation techniques include data minimization, obfuscation and pseudonymization.
Lessons that could be learned from the experience of ICRC are headed by the importance of coercion resistance in operational security policy. The ICRC worked to address this by providing data access on a need-to-know basis, including citizenship in the consideration of system administrator access policy and by segregating data between delegations. Further, it is important to consider the practical needs for cooperation or capacity building work that may require managed security trade-offs. Despite employing effective and novel security technologies and practices to provide humanitarian services in adverse and adversarial environments it is not always possible to find an optimal outcome. It is necessary to tolerate less than perfect security from third parties and beneficiaries depending on their vulnerability and technical capacities and accept that cross border legal issues may compromise the availability of data.
Operating in adverse and adversarial environments is sometimes necessary in order to reach the goals of an organisation. In this extreme environment security policy must encompass technical, legal, procedural and physical safeguards while also allowing for trade-offs to be made when required.
In extreme environments such as those faced by humanitarian organisations security policy must include technical, legal, procedural and physical safeguards while permitting necessary trade-offs.