Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

🍬 Gummy Bears: a digital safety incentive program for teams

🤔 Who this is for

This is a template that anyone can use to encourage teams and organizations to take quick steps to upgrade their organizational security together.

🔑 Key concept

Make a donation every time the team completes an assigned task. Check in every day to reward and nudge them.

🧠 How it works

Select 1-2 people to be the project leads. This can be a team member who’s in charge of digital security, an outside expert or both. These people should then:

  • Meet with the team to learn about their digital safety needs.
  • Analyze where you think there are gaps in their safety and privacy practices.
  • Meet with them again to go over relevant digital safety concepts (e.g. password length, data policy).
  • Make a customized checklist of 8-10 steps that the team should take in order to improve their security.
  • Send the checklist to the team and set a deadline to complete the checklist.
  • Agree on an organization that the team is interested in donating money to.
  • Check in every day to:
    • See if the team has finished any steps on the checklist. If so, make a fixed amount donation 🍬 for every completed step.
    • Answer any questions.
    • Remind the team that there are unfinished steps in their checklist (aka nag them).
  • Offer a bonus donation 🍬 if the team finishes everything before the deadline.

You may also choose instead to send the team one checklist step at a time, and only reveal the next step once it has been completed. We’ll let you be the judge of what works best for the team you’re working with.

🐾 Example steps

Previous teams who used this safety incentive program went through steps like these:

  • Pick and set up a password manager for the team.
  • Draft an internal data access and retention policy.
  • List out all the accounts and devices used for work, review who has access, and make sure they all have unique, long passwords.
  • Have every team member secure their individual devices using the Zebra Crossing checklist.

🕒 Last updated

30 October 2020


A digital safety incentive program for teams






No releases published


No packages published