Friday, June 19, 2009

3 Ways Computers Can Hurt Your Ministry - Part 2 - Weak Network Security

Our computers have become almost indispensable ministry tools. What would you do if the worst happened and you had to function without your computers? Would your ministry survive?

This article is the second in a 3-part series on how to protect your ministry from serious computer-related loss. This time we’re going to focus on the basics of securing your network against potential inside and outside threats. In the final installment, we’ll cover what every ministry should know about software license compliance.

Good network security is an area many people in ministry neglect, simply because it can be so overwhelming. Even though there are lots of technical details involved with adequately securing your ministry’s network, if you focus on the handful of key areas presented in this article, you can prevent many of the potential threats you might face.

Passwords

The cornerstone of securing your network is to make sure you use strong, secure passwords. This is your first line of defense, and it’s often the weakest link in the chain. If someone can guess your password, they can impersonate you on the network and get to everything you have access to. Even worse, a hacker can use your password to try to “escalate” his level of access and possibly take over the whole network. Most ministries would suffer great loss if sensitive data (like donor information) was leaked out to the Internet by a hacker or disgruntled employee. Making sure your passwords are secure will help prevent this from happening.

Start by putting a password policy in writing. Some good practices to include in the policy are:

• Make all passwords at least 6 characters long, and require a mixture of numbers & upper/lowercase letters. They should be hard to guess, but still pretty easy for the users to remember.

• Require everyone to change their passwords on a regular basis and enforce a password history. This keeps users from recycling their old passwords again and again.

• Make sure no one writes their password on a “sticky note” and posts it in plain sight. This is a common security problem, and it’s almost as bad as having no password at all.

A good IT consultant can help with more suggestions, and these items can all be automatically enforced by your servers, so that everyone on the network will be protected.
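To show what automatic enforcement of the first two policy items looks like, here is an added example (not part of the original article or any product's own code). The function names, the history depth of 5, the 90-day maximum age and the PBKDF2 work factor are assumptions chosen for illustration; only the 6-character minimum and the character mix come from the policy above.

```python
import hashlib
import hmac
import os
from datetime import date, timedelta

MIN_LENGTH = 6            # from the article's policy
HISTORY_DEPTH = 5         # assumption: number of old passwords remembered
MAX_AGE_DAYS = 90         # assumption: what "a regular basis" means here
PBKDF2_ROUNDS = 100_000   # assumption: work factor for the stored hashes

def hash_password(password, salt=None):
    """Return (salt, digest); history is kept as hashes, never plaintext."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest

def complexity_problems(password):
    """List the composition rules from the article that the password breaks."""
    checks = [
        (len(password) >= MIN_LENGTH, "too short"),
        (any(c.isdigit() for c in password), "no digit"),
        (any(c.isupper() for c in password), "no uppercase letter"),
        (any(c.islower() for c in password), "no lowercase letter"),
    ]
    return [message for ok, message in checks if not ok]

def reused(password, history):
    """True if the password matches one of the last HISTORY_DEPTH hashes."""
    return any(
        hmac.compare_digest(hash_password(password, salt)[1], digest)
        for salt, digest in history[-HISTORY_DEPTH:]
    )

def expired(last_changed, today):
    """True once the password is older than MAX_AGE_DAYS."""
    return today - last_changed > timedelta(days=MAX_AGE_DAYS)

def check_change(password, history):
    """Return every reason a proposed new password must be rejected."""
    problems = complexity_problems(password)
    if reused(password, history):
        problems.append("reused")
    return problems

if __name__ == "__main__":
    # Constructed sample history, not real credentials.
    old = [hash_password("Spring2008"), hash_password("Summer2008")]
    print(check_change("Summer2008", old), expired(date(2009, 1, 1), date(2009, 6, 19)))
```

Because each old password is stored as a salted hash, the history check works without the server ever keeping a readable list of past passwords.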

Security Updates and Patches

Have you ever noticed that annoying message popping up at the bottom of your computer screen saying “New Updates Are Ready to Install”? Have you ever been tempted to ignore it? Don’t! Every month Microsoft releases security updates for many of their products, and the only way to stay secure is to install them faithfully.

As soon as software companies become aware of security problems, they release patches and updates to correct the issues. It’s your responsibility to download and install the patches so your system will stay up-to-date. I recommend configuring Automatic Updates on all your machines so this process will happen automatically. In a server environment, installing the latest updates can be automated for all your computers and managed from a central location. Just like maintenance on your car, you should plan to apply security patches and updates regularly to keep out potential hackers and viruses.

Firewall

If your ministry uses a dedicated high-speed Internet connection, make sure you have a good firewall in place. This device serves as a barrier to keep hackers out of your internal network. You would never dream of leaving your building at night without locking all the doors, and you should always make sure that the “doors” to your computer network are locked, as well. There are hardware and software firewalls available, but we usually recommend purchasing a hardware-based firewall for security and reliability reasons. Some good firewall manufacturers to check into include Cisco, SonicWall and WatchGuard.

Regular Security Audits

Another benefit of having a relationship with a good IT consultant is that they can perform ongoing security audits on your ministry network. Securing your passwords and applying all the current updates will help, but to make sure everything is locked down you should perform a thorough security audit at least once a year.

A competent, trusted IT consultant can approach your network like a hacker would, using many of the same hacker tools and techniques. He or she can try to penetrate your Internet firewall, test the strength of your passwords, verify the physical security of your data and backups, scan your whole network for security holes and vulnerabilities and provide a detailed report of the findings. They will also be able to give you recommendations and cost estimates on what it would take to fix any issues they find and thus increase the security of your ministry’s network.

Making sure your network is secure is still only one part of the solution. In the final installment of this series we’ll talk about some simple steps you can take to protect your ministry from huge fines and potential prosecution by making sure you comply with software licensing laws.

Donnie Schexnayder is a ministry technology expert. He holds industry certifications from Microsoft and CompTIA and has over 10 years of experience in supporting churches and Christian ministries with technology. With a mixture of passion and expertise, Donnie helps ministries advance their mission of bringing the Gospel of Jesus Christ to the ends of the earth by using cutting-edge technology. Donnie lives with his wife and 2 children in Colorado Springs, CO.
