Edit This Page

Get Started

Get started

Learn the basics of digital security in order to start using your devices more safely.

Learn about

Seven steps to Digital security

1. Knowledge is Power

Good security decisions can't be made without good information. Your security tradeoffs are only as good as the information you have about the value of your assets, the severity of the threats from different adversaries to those assets, and the risk of those attacks actually happening.

You know a lot!

Some of this knowledge you already have: knowledge of your own situation, who might want to target you, and what resources they have. You already have more power than you think!

2. The Weakest Link

The old adage that "a chain is only as strong as its weakest link" applies to security too: The system as a whole is only as strong as the weakest component.

Protect your information

For example, the best door lock is of no use if you have cheap window latches. Encrypting your email so it won't get intercepted in transit won't protect the confidentiality of that email if you store an unencrypted copy on your laptop and your laptop is stolen.

Take small steps

That doesn't mean you have to do everything simultaneously, but it does mean that you should spend time thinking about every part of your information and computer use.

3. Simpler is Safer and Easier

It is generally most cost-effective and most important to protect the weakest component of the system in which an asset is used.

Reduce complexity of system

Since the weak components are much easier to identify and understand in simple systems, you should strive to reduce the number and complexity of components in your information systems.

Reduce number of interactions

A small number of components will also serve to reduce the number of interactions between components, which is another source of complexity, cost, and risk. That also means that the safest solution may be the least technical solution.

Non-technical security solutions

Computers may be great for many things, but sometimes the security issues of a simple pen and notepaper can be easier to understand, and therefore easier to manage.

4. More Expensive Doesn't Mean More Secure

Don't assume that the most expensive security solution is the best; especially if it takes away resources needed elsewhere.

Low-cost solutions

Low-cost measures like shredding trash before leaving it on the curb can give you lots of bang for your security buck.

5. It's Okay To Trust Someone (But Always Know Who You're Trusting)

Computer security advice can end up sounding like you should trust absolutely no one but yourself. In the real world, you almost certainly trust plenty of people with at least some of your information, from your close family or companion to your doctor or lawyer.

Trusting someone in digital space

What's tricky in the digital space is understanding who you are trusting, and with what. You might deposit a list of passwords with your lawyers: but you should think about what power that might give them—or how easily they might be maliciously attacked.

Trusting digital providers

You might write documents in a cloud service like Dropbox or Microsoft OneDrive that are only for you: but you're also letting Dropbox and Microsoft access them, too.

"Loose lips sink ships"

Online or offline, the fewer people you share a secret with, the better chance you have of keeping it secret.

6. There is No Perfect Security—There’s Always a Trade-Off

Set security policies that are reasonable for your lifestyle, for the risks you face, and for the implementation steps you and your colleagues will take.

Keep it simple

A perfect security policy on paper won't work if it's too difficult to follow day-to-day.

7. What's Secure Today May Not Be Secure Tomorrow

It is also crucially important to continually re-evaluate your security practices. Just because they were secure last year or last week doesn't mean they're still secure!

Keep up to date

Keep checking respected sites advice will be updated to reflect changes in our understanding and the realities of digital security. Security is never a one-off act: it's a process.

Choose the right lesson

To learn the basics of encryption and how it can help protect you and your network, choose the Encryption lesson:

  • Encryption
    To understand why strong passwords are important and how to create strong passwords, choose the Passwords lesson:
  • Passwords
    To understand what metadata is and how it can leave you and your network vulnerable, choose the Metadata lesson:
  • Metadata
    To learn about why secure communication is important and tools you should use to communicate safely, choose the Secure communications lesson:
  • Secure communications


What is gitbook used for?

To read books To book hotel named git To write and publish beautiful books GitBook.com lets you write, publish and manage your books online as a service.

Is it quiz?

Yes No


  • en/topics/understand-2-security/0-getting-started/1-1-intro.md: Getting started with security
  • en/topics/tool-4-keepassx/0-getting-started/1-1-intro.md: Using KeepassX to manage passwords security
  • en/topics/tool-2-signal/0-getting-started/1-1-intro.md: Learn to use Signal, the encrypted messaging app
  • en/topics/tool-9-tor-browser/0-getting-started/1-1-intro.md: Learn to use Tor, the anonymous browser for avoiding surveillance and getting around censorship

See also: