Communication Security

The “Communication Security” document was recently added to the CPR toolkit located in the digital library of the GFWC website.  To find it, perform a search for CPR toolkit in the digital library, and download the files.  Open the document titled “Communication Security,” which will provide best practices for your GFWC entity.  Below is a summary of the information, but the details (located in the toolkit) are necessary for the protection of your GFWC entity.
What is Communication Security? It is the practice of protecting information shared with others by establishing sound policies and procedures for your GFWC club, district, state, or region (GFWC entity). The main purpose is to establish clear standards and structured procedures to ensure consistent and reliable protection of passwords and stored data.

Begin by establishing a written standard operating procedure and succession plan for your GFWC entity, and train members using the products.  Everyone needs to understand that all social media accounts, email accounts, websites, and related digital assets are the exclusive property of the GFWC entity.  These accounts are proprietary to the organization, and no account may be deleted without the consent of the authorized group or of the full club membership, in accordance with the group’s bylaws, standing rules, or adopted communications procedures. 

The best place to start is by compiling all accounts that require a password or security code. Next, identify and collect the information needed to store passwords or security codes securely.  Determine who has access to this information and accounts as determined by your GFWC entity.  Common best practices are outlined in the CPR toolkit as noted above.

The next step is determining the storage mechanism. Suggestions include electronic password managers, Google Sheets or Docs, Microsoft Excel and Word, and paper.  The pros and cons of each method are listed in the document as noted above  

In addition, the transition process is critical to the GFWC entity’s success. When transitioning accounts, remember to update account administrators. It is good practice to change the passwords at the start of each administration.  Make sure that the new passwords are updated in your storage mechanism.
It is very important to have an Information Technology (IT) policy to refer to in your Adopted Plan/Procedures or Standing Rules. The IT policy should include who has access, the procedure for transitioning between administrations, and the policy on storing club passwords and club documents.  A sample Information Technology policy is included in the CPR toolkit as noted above

By implementing these practices, your GFWC entity can help ensure the security, continuity, and integrity of its communications and digital assets for future administrations.