A Beginner’s Guide to Church Cybercrime
It’s suggested that the most recent SONY hacking scandal will end up costing the organisation a whopping $100 million. Whilst the cyber liability of Churches isn’t expected to carry such large financial ramifications, there is still potential to cause a great deal of harm.
Please don’t think that it won’t happen to you. Figures show that the risk of cyber fraud is increasing exponentially and that no one can truly be safe from an attack, not even a small ‘middle-of-nowhere’ Church. In fact, a 2012 study by Symantec found that 40% of data-breaches are directed towards smaller businesses as they don’t have the knowledge and resources to put in place proper cyber security. Any organisation that has a computer network or digitally handles personal or confidential information is at risk of a cyber-breach. Your Church members could be scammed simply through access to your Church member address book or newsletter list!
Having access to Church members information means that your Church has a responsibility to keep it secure. A cyber threat is anyone with malicious intent seeking a way to access information that your organisation holds digitally. Examples include hacking, malware and viruses, staff error, system glitches and theft. But the threat can extend to situations such as lost laptops and thumb-drives, mishandled files, unintentional security breaches or illegal behavior by employees.
Many Adventist Churches have a website or use Facebook, pay and receive money electronically, and have databases with Church members details stored in them. It is no longer good enough to just rely on anti-virus software to protect your digital information as there are many alternate ways that a cyber-thief can gain access. For example, someone leaves their laptop in a taxi, a Church member leaves a door unlocked to the building or a Wi-Fi connection does not require a password to connect.
The risk of cybercrime has been increasing greatly with the development and expansion of available digital technology. There has been much media attention surrounding the issue recently, as the frequency of attacks escalates and a general lack of knowledge about how to protect information means that those with malicious intent find it easier to access information. There are many ways in which cybercrime can be committed so our response should take each avenue into consideration.
To protect your organisation or Church from cyber risks we recommend you undertake the following measures:
- Ensure that your computer is running anti-virus software with regular scans conducted
- Set usernames and passwords on all computers, making sure that all passwords are changed often (including the wireless password)
- Use two separate wireless networks, one for Church congregation access and one hidden network dedicated to Church business
- Limit access to Church web pages so that only a small amount of key people can edit and update websites
- Apply network restrictions appropriate for each person’s level of leadership
- Regularly back up all computer data to an external hard drive stored offsite in a secure location
- Dictate a technology ‘Gatekeeper’ – someone to be responsible for update of anti-virus software and virus scanning, to stay current with virus risks, monitor the use of copyright material, and ensure consent is given for any individuals’ photos used in Church materials.