Personal and Family Safety
Security SpecialistHROperations & Strategy
Key Takeaway: Opsec reduces what adversaries can learn about targets and routines. Controls span digital hygiene, identity separation between public and asset-control personas, family and staff training, physical routine hardening, and social engineering resistance.
Opsec shrinks the real-world attack surface by reducing what adversaries can learn about targets, their routines, and their connections to digital assets.
Digital hygiene
- Eliminate persistent OSINT signals: Scrub public profiles of home addresses, vehicle plates, routine locations (gyms, cafés), and geo-tagged photos. Use temporary numbers and emails for non-essential accounts. Complete PII removal often requires a corporate or legal entity as a shield. Run a tabletop threat model first to gauge what exposure is acceptable for your risk profile.
- Harden devices: Full-disk encryption, no seed phrases or wallet apps on always-on phones or laptops, regular factory resets on operational devices, no cloud sync of sensitive data.
- Financial anonymity: Route crypto operations through privacy-preserving tools where legally permissible, avoid linking exchange KYC to public social handles, use business entities for high-value holdings.
Identity separation
- Public persona vs. asset control: Maintain distinct digital identities for social presence versus wallet signing.
- Compartmentalized devices: Public phone for social and travel use; signer phone kept in secure location, never carried together.
- Family dissociation: No joint public profiles, separate finances and devices, educate on not discussing crypto holdings or signing routines at home or social events.
Physical security
- Key storage: Never keep cold-storage signing keys on your person or in a location that follows your physical routine. Store hardware wallets and seed backups in geographically separate secure locations.
Family and staff training
- Simple family protocols: "If someone asks about money or crypto, say nothing and text [safe word] to [emergency contact]." Pre-rehearsed silent alarms to neighbors or security.
- Staff NDAs and drills: Drivers and assistants trained to vary routes, report surveillance, and never discuss the principal's assets or locations. Tabletop exercises for home and office scenarios.
- Children and vulnerable contacts: Age-appropriate rules ("never open the door for strangers," "never share phone screens"), school pick-up codes, and emergency family assembly points.
- Panic buttons: Fit home and vehicles with discrete panic buttons linked to a monitoring service so any household member can trigger a silent alert.
Physical routine hardening
- Unpredictability: Rotate gyms, cafés, and commutes weekly; avoid solo night outings; use ride-shares with fake names or pickup locations; never carry more than $2k cash or cards visibly.
- Home defenses: Reinforced doors and windows, cameras with remote alerts, safe rooms, no visible luxury goods or crypto-branded items.
- Travel hardening: No wallet signing during trips, inform trusted contacts of itineraries, use hotel safes for devices, avoid high-profile events solo.
Social engineering resistance
- Standard responses to probes: "I don't handle that" or "Ask my lawyer/colleagues" for any crypto questions. Never confirm or deny holdings.
- Cover narratives: Plausible stories like "Everything's in custody" or "The team handles treasury," consistent across family and staff, to deflect without raising suspicion.
- Regular audits: Quarterly review of social profiles, on-chain links to identities, and staff access by external security consultants.