Assemblies of God USA SearchSite GuideStoreContact Us
Home Current Issue Archives Subscriptions Advertise Contact Us Store  

Search

Minister's Life & Ministry

  Articles for ministers

Empower Resources

  Articles for lay leaders

Book Review


Enrichment
The First Decade
Every issue (Fall 1995- Fall 2005) on 3 CDs.


Order Back Issues Online

Conflict Management
Two volume set now available.

Managing the Local Church/Leadership CD.

Order Paraclete CD
Includes all 29 years of the now out-of-print Paraclete magazine. An excellent source of Pentecostal themes and issues. Contains articles on theological topics concerning the work and ministry of the Holy Spirit. An indispensable source of sermon and Bible study material with a fully searchable subject/author index.

Good News Filing System
Advance/Pulpit CDs
Long out of print but fondly remembered, Advance and Pulpit magazines blessed thousands of ministers. Now the entire Advance/Pulpit archive--nearly 40 years of information, inspiration, helps, and history--is available to you on separate CDs.


Return to Table of Contents

Security—It’s Time to Get Serious

It’s time to get serious about securing your church’s computer systems.

Since September 11, 2001, most Americans are more security conscious than at any time in recent history. While we don’t normally think of terrorists targeting ministry computer systems, Craig Cato, former president of Capin Crouse Technology, says some enemies of the Christian faith have begun to target ministry computer systems. Add to that the many security loopholes in some Windows¬Æ network operating systems and software and our concerns about identity fraud, and it becomes clear that it’s time to get serious about securing our ministry computer systems.

What are the risks?

There was a time when our computer systems were relatively simple. The only threats were computer viruses passed on floppy disks and regional catastrophes that could damage our buildings and equipment. But today we have a host of threats that could compromise sensitive data or our operational dependencies on computer systems.

• Internet access loopholes. Many network servers running Windows¬Æ NT, 2000, or XP are connected to the Internet. These systems have many security loopholes, with more being discovered at least weekly. Because of these protection gaps, others may be able to gain access to these servers and use them for whatever purpose they desire. Your Windows¬Æ servers, if connected to the Internet, could be used as a distribution point for viruses, pornography, denial-of-service attacks, and even television shows. As you know, if some of your sensitive data, like your contributor list, got into the wrong hands, it could be bad.

• Identity fraud. Armed with the right information, outsiders could pose as ministry-team members. Sensitive data, therefore, must be protected. In many states, unprotected sensitive data could lead to lawsuits from those who feel they have been hurt. Yet most ministries have very loose—often nonexistent—information system security policies. Two ways we know this are when computer users know each other’s passwords and/or the passwords are easily guessable. These open systems are ripe for identity fraud.

• E-mail viruses. This is a battlefront many of us are familiar with. Whereas viruses were once distributed primarily by floppy disks, today they are spread mostly as e-mail attachments. Unfortunately, many of these come from trusted friends and colleagues, and by the time we realize what’s happening to our computer, it’s too late.

What can we do about it?

• First, get tested. There are many companies available that perform IS security audits. The cost can range from free to more than $10,000. We tried some of the free audits that are available on our network and were told we had perfect security. Then we tried Capin Crouse Technology’s audit (www.capincrousetechnology.com), and a number of security gaps were discovered that the previous audits didn’t find. Although it costs a little—less than $500—it is well worth it. And along with a full test of our system’s Internet vulnerabilities, it also asked about our policies and procedures.

• Second, fill the cracks with patches. Microsoft has patches available to correct every security hole they are publicly aware of. Keep checking Microsoft’s Web site for patches and don’t delay their application. A delay of just days could make the difference between security and an embarrassing disaster.

• Establish good IS policies and procedures. Set policies regarding passwords and enforce them. Require all computer users to keep their password to themselves, and to use a combination of letters and/or numbers that are not guessable. Avoid names, words, and dates—forwards or backwards.

• Install virus protection and keep it updated. Virus protection should run on all workstations and servers. The manufacturers of antivirus software publish virus signature updates whenever new viruses are discovered. These should be checked often and applied as quickly as they are available.

We would not consider compromising our family’s safety, and for our ministries we need to exercise the same concern. The likelihood of a data disaster has, unfortunately, become so great that we cannot ignore it any longer. Thankfully, computer security protection is available and affordable.

—Nick B. Nicholaou, Huntington, California