• by maltalex on 11/6/2020, 10:22:19 AM

    In this day and age, I'd recommend consulting with an actual security professional for organizations as public as political parties.

    Short of that, make sure to (at least) cover the basics:

    - Ask everyone to use a trusted password manager and a strong, unique password for everything. Avoid shared accounts and shared passwords.

    - Enable 2FA everywhere; strongly prefer authentication apps or, even better, hardware tokens over SMS. Use SMS 2FA only as a last resort.

    - Have everyone go through cyber security awareness training. Many attacks start off as (spear) phishing emails and/or various social engineering shenanigans.

    - Update every piece of software obsessively. That includes everything from workstations and phones to servers, VPNs, routers and printers. Do not use any device which isn't supported anymore.

  • by probinso on 11/9/2020, 7:38:39 AM

    Use NextCloud.

    It's going to be worth doing threat modeling for different things, but a lot of operational problems can be solved with this and it is self-hosted.

  • by speedgoose on 11/6/2020, 7:04:23 AM

    Probably not AWS if your party don't like Amazon.