Security First CEO and Co-founder, Rory Byrne speaks to AidEx about their app which sets out to cater to the security advice needs of the sector with a user-adaptive approach.
Tell us about your product and how you came to develop it?
Umbrella is an app to help people at risk stay secure. At Security First, we run security training for aid workers, activists, journalists and others, and we see the same problems over and over again. There’s a lot of good security advice out there, such as how to approach a checkpoint or communicate securely, but it’s scattered, and someone in a hurry gets advice from Google without vetting it first. Meanwhile, organisations are spending valuable resources rewriting and disseminating security manuals that no-one reads. We built Umbrella to get that information to your team when they need it most, even if the internet is unreliable.
What is your product’s USP?
Right from the start we designed Umbrella to be adaptable and secure enough for the kind of high-risk environments we all work in. It’s open source, which means the content and code are totally free for anyone to reuse, but it also means it’s secure. Lots of companies are starting to offer apps to NGOs, but they’re not making them available for others to audit or they charge for them. That means they’re either asking you to take security on trust, or worse, they’re not thinking about it at all.
What are its key features?
We think of Umbrella as a new way to manage security for a team. A big piece of Umbrella is the security advice, so it includes lessons on a range of topics. We recently added new information on online harassment and sexual violence, for example. But security is more than just advice, it’s making sure people act on it at the appropriate time.
Why has nothing like this been invented before and what potential does it have?
Other resources for travel management tend to treat high risk users as an edge case. And security advice that does cater to the needs of this sector can be surprisingly limited in scope. We’re trying not to reinvent the wheel with Umbrella. Instead, our approach is to be more comprehensive and encourage users to play a more active role in assessing their own risk and selecting the kind of information that suits them in reality, today, not in a static manual based on what their boss thought their role would involve during an outdated security assessment. This is an app that has the power to turn that assessment into an ongoing dialogue between the field and HQ.
We’re really excited about the potential for people to build it themselves, which is very low cost if you have a tech team, or have us adapt Umbrella for your organisation with your branding and content. We want to make that process easy for any NGO, regardless of size or funding.
What are the limitations of Umbrella?
Because we prioritise security, we can’t collect a lot of analytics and other information about users that developers and designers rely on to make decisions on a daily basis. So it takes time and sometimes a few iterations before we get the data we need about how things are working. We really, really value feedback, not just on how teams are already using Umbrella as part of their work, but also if anything is unclear or how we can improve.
How do you get people to trust the security you guarantee?
As with any aspect of security, there’s an educational element. Not everyone understands the open source community, but actually anyone who develops code is keeping an eye on open source projects. From the security side of things, if we forget to update something, even something we would consider relatively minor, we hear about it because someone has been checking the code on GitHub. The open source community sets the bar high when it comes to security, and they are on our case if we make a mistake. That makes us better.
How will it benefit the humanitarian sector?
This is obviously a challenging time for the humanitarian sector. Threats are increasing, resources are decreasing, and a lot of the traditional ways we implement security protocols haven’t been keeping people on the ground safe. Umbrella offers generic security resources off the shelf absolutely free, or lets you create an affordable version designed specifically for you, and either one will help individuals reduce risk and communicate better about security with colleagues. I think it would absolutely benefit the aid world, and we’ve already had great feedback about how people have been able to make use of early versions.
How important do you think apps are becoming for the humanitarian sector?
We hope the *right* apps will become essential. But nothing is important to the humanitarian industry just because it’s in an app. The app is a delivery mechanism, a means to an end. So for any app that you’re assessing for use in your work, ask what problem it’s solving for you, how it will make what you do easier or quicker or better quality. Ask what it will cost you compared to what you already use, keeping in mind that some of those costs may be intangible or hidden in terms and conditions.
In what ways do you believe the digital revolution is changing the humanitarian and development sector landscape? To what extent is this impact positive or negative?
There’s extraordinary potential for digital technologies to improve the way we assess needs and connect with beneficiaries. There are also essential security and ethical considerations about the way we use and protect people and data which we’re only just beginning to understand, even as the technology leaps ahead even further. So there have already been negative effects, and there will be more. But a huge part of humanitarian relief is about information, be it mapping, communications or logistics. At the end of the day, the digital revolution means it’s much, much easier to share information than at any other time during our lifetimes, or even in history. So we do think that the overall impact is positive, and that we will continue to find ways to leverage technology to help people in need.