Thursday, May 18, 2006

3 Ways Computers Can Hurt Your Ministry - Part 2 - Weak Network Security

Our computers have become almost indispensable ministry tools. What would you do if the worst happened and you had to function without your computers? Would your ministry survive?

This article is the second in a 3-part series on how to protect your ministry from serious computer-related loss. This time we’re going to focus on the basics of securing your network against potential inside and outside threats. In the final installment, we’ll cover what every ministry should know about software license compliance.

Good network security is an area many people in ministry neglect, simply because it can be so overwhelming. Even though there are lots of technical details involved with adequately securing your ministry’s network, if you focus on the handful of key areas presented in this article, you can prevent many of the potential threats you might face.

Passwords

The cornerstone of securing your network is to make sure you use strong, secure passwords. This is your first line of defense, and it’s often the weakest link in the chain. If someone can guess your password, they can impersonate you on the network and get to everything you have access to. Even worse, a hacker can use your password to try to “escalate” his level of access and possibly take over the whole network. Most ministries would suffer great loss if sensitive data (like donor information) was leaked out to the Internet by a hacker or disgruntled employee. Making sure your passwords are secure will help prevent this from happening.

Start by putting a password policy in writing. Some good practices to include in the policy are:

• Make all passwords at least 6 characters long, and require a mixture of numbers & upper/lowercase letters. They should be hard to guess, but still pretty easy for the users to remember.

• Require everyone to change their passwords on a regular basis and enforce a password history. This keeps users from recycling their old passwords again and again.

• Make sure no one writes their password on a “sticky note” and posts it in plain sight. This is a common security problem, and it’s almost as bad as having no password at all.

A good IT consultant can help with more suggestions, and these items can all be automatically enforced by your servers, so that everyone on the network will be protected.
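To show what automatic enforcement of the length, character-mix and history rules above looks like, here is an added example (not code from the original article or from any particular server product). The history depth of 5, the PBKDF2 work factor and the function names are assumptions; the history is kept as salted hashes so that old passwords are never stored in readable form.

```python
import hashlib
import hmac
import os

MIN_LENGTH = 6           # from the article's policy
HISTORY_DEPTH = 5        # assumption: the article gives no number
PBKDF2_ROUNDS = 100_000  # assumption: work factor for stored hashes


def hash_password(password, salt=None):
    """Return (salt, digest) so the history never holds plaintext passwords."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


def policy_violations(password, history):
    """List every rule the candidate breaks; an empty list means accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    # Re-hash the candidate with each stored salt and compare in constant time.
    for salt, old_digest in history[-HISTORY_DEPTH:]:
        _, candidate = hash_password(password, salt)
        if hmac.compare_digest(candidate, old_digest):
            problems.append("matches a recent password")
            break
    return problems


def change_password(password, history):
    """Record the new password in history only if no rule is broken."""
    problems = policy_violations(password, history)
    if not problems:
        history.append(hash_password(password))
        del history[:-HISTORY_DEPTH]  # keep only the most recent entries
    return problems


if __name__ == "__main__":
    history = []  # constructed sample data for one user
    for attempt in ["abc12", "Harvest2006", "Harvest2006", "Sunrise77"]:
        print(attempt, "->", change_password(attempt, history) or "accepted")
```
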

Security Updates and Patches

Have you ever noticed that annoying message popping up at the bottom of your computer screen saying “New Updates Are Ready to Install”? Have you ever been tempted to ignore it? Don’t! Every month Microsoft releases security updates for many of their products, and the only way to stay secure is to install them faithfully.

As soon as software companies become aware of security problems, they release patches and updates to correct the issues. It’s your responsibility to download and install the patches so your system will stay up-to-date. I recommend configuring Automatic Updates on all your machines so this process will happen automatically. In a server environment, installing the latest updates can be automated for all your computers and managed from a central location. Just like maintenance on your car, you should plan to apply security patches and updates regularly to keep out potential hackers and viruses.