"Data breach? Cyber-attack? In the church?"
These are common responses we hear when privacy and cybersecurity are discussed within the context of the church. A colleague shared a very interesting conversation she had with one of her church leaders recently. The conversation went like this:
Colleague: Hello – how are you doing? Did you hear that Lincoln College closed after 137 years in operation?
Church leader: Whoa! I heard something about that. That's a shame! I wonder what happened.
Colleague: Imagine surviving the Great Depression, two World Wars, Global Recessions, and COVID-19, but it's a cyber attack that it couldn't bounce back from.
Church leader: What a shame. I guess this is yet another reason not to be too techie.
Colleague: Umm, I don't think so. That is not the way to go. We can't avoid being tech.
Church elder: Yeah, you can. You can limit how computerized you make your place. I mean, look at our church. Do you think it will ever come out that we have even been hacked or whatever they call it now?
Colleague: Once you have even one computer with data stored, you are as good as computerized.
Church elder: Let's see about that.
This conversation is a classic example of why we do what we do at 1600 Avenue and why we're dedicated to educating and informing as many people as possible about cyber security. With how globalized the world has become, we can't avoid being "techie" or "globalized," even if you're a church.
A lot of times, when we pray for protection, we tend to do that within the context of evil. Rarely do we consider that the evil can be a hacker who has no respect for the amazing work churches do. The commendable contributions you make to communities and how you give hope to the hopeless do not matter to them. If they want to attack you, they most definitely will.
Once you have a computer or are connected to any network, you must be cyber secure and aware.
What is cyber awareness?
This refers to how much users know about the cyber security threats that can affect their network. Most churches have a database of their church members. Stored with their member information are bank details and other sensitive data. These pieces of information are so important and should be protected. We recognize that a data breach can happen in two main forms; physical breach and computerized breach, so here are some tips on how to protect yourself against a data breach.
Limit Paper PPIs - Any paper of documentation that has Personally Identifiable Information (PII) should be shredded or well discarded. PIIs are any information that is related to an identifiable person, which includes but is not limited to full names, home address, social security number, email address, date of birth, credit card numbers, and many more.
Separate Work & Personal - Have separate emails and mailing addresses for personal and church-related work
Lock Records - Should there be any physical records that are still existent within the church's administration, ensure these records are kept in secure and locked cabinets.
Limit Staff Access To Info - It is important to limit staff and volunteer access to sensitive information. Remember that volunteers typically work or help only for a short period of time, so as much as you can, restrict the kind of information they are privy too. Your church staff are your first line of defense. It is important to equip them with the knowledge they need to protect their data, and training sessions are the best way to do that. These training sessions will equip you with some basic steps to take to avoid or mitigate such attacks.
Sign up for our cyber training here. Protection is a communal effort.
Secure your wireless network - Try as best as possible to have a separate WIFI network for guests (church members) and a much more secure one for staff. Ensure that your Wi-fi networks are password protected, even for guests.
Hire A Cyber Professional - With the help of cyber professionals such as 1600 Avenue, it is imperative to make plans or have some documentation for how an attack would be managed. It can be used as a supporting guide or template for other church members to follow suit. Remember, your sphere of influence as a church transcends the walls of the church building or altar. You have a strong influence on how other members value data and protect themselves from attacks.
Keep Software Updated - Always ensure all software is kept up to date from any network or software bugs.
Install Anti-Virus Software - This can help reduce the prevalence of a virus on your computer and ensure that it is automatically programmed to scan computers periodically for malicious software.
Beware of Links - Do not click links or download from sources you do not know or are unsure of, especially via email. We do not want you to be a victim of a phishing attack.
Use a Multi-Factor Authentication (MFA) System - This is an additional boost to your network security. Hence, even if a hacker manages to access any of your passwords through a leak, this MFA will serve as an additional security wall because a second device will be required to access the system
Don't Repeat Passwords - As much as you can, ensure you do not repeat passwords or use easily guessed ones.
Back Up Your Data