Security on KilPen Technical Services - IT with Aloha

Cleaning Business Data Off a Personal Computer

Thu, 18 Jun 2026 00:00:00 +0000

Applies to: A personal (non-work) computer — Windows, macOS, or Linux — that was used at any point to access an organization’s data: email, files, a CRM or other business application, code, or documents.
Audience: Employees, contractors, and vendors who are ending an engagement and need to remove the organization’s data from their own device — and the organizations asking them to.

Third-Party & Vendor Risk Management

Thu, 18 Jun 2026 00:00:00 +0000

Applies to: Any small organization, nonprofit, or team that relies on outside vendors and SaaS tools — accounting software, a CRM or donor database, email and file storage, a payment processor, contractors, and the dozens of apps connected to them.
Audience: Organizations with little or no dedicated IT/security staff and a limited budget, who still need to take reasonable, defensible care of the data their vendors touch — including donor, client, member, and financial data.

Vendor Security Requirements (Send to Your Vendors)

Thu, 18 Jun 2026 00:00:00 +0000

For our clients — how to use this page (do not send this box). This is the vendor-facing companion to our Third-Party & Vendor Risk Management guide. The section below the line is written to be sent directly to a vendor that handles your data. Fill in the bracketed fields ([…]), delete this instruction box, and send it as an email, a PDF, or an attachment to a contract or statement of work. Send it to the vendors in your “crown-jewel” bucket — the ones that touch personal data, money, or your accounts. For large providers (Google, Microsoft, Stripe, etc.), expect them to answer by pointing you to their security/trust page rather than replying point by point; that’s acceptable. KilPen can help you tailor or send this.

iOS Security Best Practices (iPhone & iPad)

Tue, 16 Jun 2026 00:00:00 +0000

Applies to: iOS 26 and iPadOS 26 (most steps also apply to iOS 18). Apple ships year-named releases; menu paths may vary slightly on older versions.
Audience: iPhone and iPad users and small teams who want strong security using built-in settings — no MDM enrollment or management profiles required

Linux Security Best Practices (Ubuntu / Debian)

Tue, 16 Jun 2026 00:00:00 +0000

Applies to: Ubuntu 24.04 LTS (and 22.04 LTS), plus Debian and Ubuntu-based distributions such as Linux Mint and Pop!_OS. Commands use apt, ufw, and AppArmor. Fedora/RHEL equivalents (dnf, firewalld, SELinux) are noted where they differ.
Audience: Desktop users and small teams who want strong security using built-in Linux tools — no configuration management, MDM, or agents required

macOS Security Best Practices

Tue, 16 Jun 2026 00:00:00 +0000

Applies to: macOS Tahoe 26 and macOS Sequoia 15 (with notes for older versions)
Audience: Individual users and small teams who want strong security without MDM, device management, or remote access tools

Windows Security Best Practices

Tue, 16 Jun 2026 00:00:00 +0000

Applies to: Windows 11 (version 23H2 and 24H2). Most steps also apply to Windows 10, though menu paths differ and Windows 10 reached end of support in October 2025.
Audience: Individual users and small teams who want strong security using built-in Windows tools — no domain join, MDM, or management agents required

Automating PGP Key Issuance and Distribution with GPG and 1Password

Fri, 25 Aug 2023 00:00:00 +0000

SKILL LEVEL: Advanced.