7 Ways to Control Cyber Loss at Your Church
Protecting your faith based organization from cyber risks can be an overwhelming venture. A new day means more viruses are being discovered, more spam is being delivered to your inbox and yet another business is the victim of a data breach.
The world will never be free of cyber risks, but there are many loss control techniques you can implement to help protect your church from exposures.
- Install anti-virus, anti-malware and anti-spyware software. This is easiest and most effective way to increase cyber security at your church. Make sure to install the software on each computer in your network—computers that don’t include these types of software are much more likely to be exposed and can possibly spread malware to other computers in the network. Software ranges in price from free to an annual subscription. Be sure to keep the software as up-to-date as possible.
- Encrypt data. If a hacker manages to get through your firewall and into your network, your data could be a sitting duck. Encryption will make the data unreadable to a hacker. Consider using an encryption program to keep computer drives, files and even email messages safe from hackers.
- Use a Virtual Private Network (VPN). A VPN allows employees to connect to your church’s network remotely. In addition to saving on costs, VPNs also provide a high level of security by using advanced encryption and authentication protocols that protect sensitive data from unauthorized access.
- Implement an employee password policy. Essentially, a password policy should require employees to change work-related passwords every 90 days. The policy should encourage the creation of easy-to-remember, hard-to-guess passwords that include letters, numbers and special characters. For example, an easy-to-remember, hard-to-guess password could be “M1dwbo1025.” (My first daughter was born on Oct. 25).
- Back up data regularly. Important data should be backed up daily and in multiple locations, one being off-site. In addition to being safe from cyber risks, off-site data would not be exposed from physical attacks, like a fire or tornado. Restrict access to backed-up data. The public should never have access to it. If the data is tangible, keep it in locked filing cabinets in a locked room and only issue keys to those who absolutely need them.
- Develop a business continuity plan. If the worst should happen and your church suffers a data breach or similar attack, you should have a business continuity plan in place. A business continuity plan helps:
- Facilitate timely recovery of core functions
- Protect the well-being of employees, families and your congregation
- Minimize loss of revenue and donations
- Maintain public image and reputation
- Minimize loss of data
- Minimize the critical decisions to be made in a time of crisis
The plan should identify potential cyber risks, along with the recovery team assigned to protect personnel and property in the event of an attack. The recovery team should conduct a damage assessment of the attack and guide the church toward resuming operations.
Keeping your faith based organization's data safe from cyber risks requires constant attention to ensure an attack never happens.
To learn more on how to protect your church, chat with us!
- What the Church and Target Have in Common
- Cyber & Privacy Liability Series: Part 1
- Cyber & Privacy Liability Series: Part 2
- Cyber Liability E-Book
- 2017 Industry Outlook Video: Faith Based
ABOUT THE AUTHOR