Recommendations for practicing OPSEC

When conducting Open Source Intelligence (OSINT) investigations, investigators may obtain sensitive information during the information collection process, and visits to websites may leave access traces. Therefore, for open source intelligence investigators, it is crucial to maintain good OPSEC(Operations Security), which not only helps to protect the investigators' behavior from being exposed, but also reduces potential risks and disruptions.

The following OPSEC recommendations are suitable for everyone:

1. Use strong and unique passwords and avoid obvious information such as birthdays.

2. Consider using a password manager to ensure secure password storage.

3. Enable dual authentication for email and social accounts to elevate the level of account protection.

4. Update all device apps regularly to ensure there are no security vulnerabilities.

5. Enable screen lock when the device is idle to prevent unauthorized access.

6. Don't leave devices unattended.

7. Consider using webcam covers and screen anti-peep films.

8. Protect the privacy of your communications by using an encrypted email service.

9. Enhance cloud data protection by using encrypted cloud storage.

10. Adjust social media privacy settings to control the public visibility of personal information.

11. Use secure search engines to reduce the likelihood of being tracked online.

12. Secure your connection with a VPN (Virtual Private Network) when using public Wi-Fi (e.g. coffee shops, hotels, airports).

13. Check permissions before downloading software to avoid malware gaining unnecessary access.

Recommendations for open source intelligence investigators are as follows:

1. Use specialized equipment and accounts to conduct surveys and adopt anonymous forms to avoid information interference and leakage.

2. Use a paid VPN to hide IP address and protect personal identity.

3. Use VM (Virtual Machine) to conduct surveys to prevent malware from affecting the host system.

4. Regularly clean browser history, cookies and other files to protect personally identifiable information (PII).

5. Adjust system time settings to align with the time zone of the investigation target.

6. Review the security of the open source survey tools used.

7. Develop standard operating procedures (SOP) for online survey research.