Cyber Security is a hot topic these days. We hear and read stories daily of hackers breaching a company's data and holding them hostage. Or using data for wicked purposes.
While Smart Church Solutions is an expert in church facilities and even physical security, the world of cyber security is a whole other issue. Therefore, we reached out to our friend Jonathan Smith, the new owner of MBS, Inc.
Jonathan shared some great insight — which we have listed below — that we want to pass on to you. Thanks, Jonathan!
What is cyber security?
Cyber security is protecting your cyber assets. Cyber assets are very broad and include your websites, email accounts, computers, websites, online databases (ChMS), cloud storage, anything that connects to the internet.
Is this a real issue for churches or just big corporations?
Both — the attacks on the big corporations show us how effective these kinds of attacks can be. When companies agree to pay millions of dollars in ransom to get their data back, that shows the success of the attack. Corporations are big targets and often have much more in terms of cyber security hardware, software, and personnel than the church does. If the bad guys ever figure out how poorly churches do cyber security, lookout.
How could these attacks impact us as a church?
First and foremost the testimony of our Savior is on the line. We should want to protect our cyber assets the same way we want to protect our testimony. When a church has a breach, trust in the organization and thus the organization’s message is lost. It is also important to consider how churches are funded. You lose confidence in your ability to handle money, whether online or offline, and the future of your ability to minister is going to be called into question.
With the increase in IoT devices, are we susceptible to attacks?
In theory, yes. In application, not really. IoT attacks require a bit more in terms of programming to exploit a security vulnerability in the IoT device. IoT security is important, but the attack vector of choice is phishing via email and tricking users into giving away the access needed for the attack, typically ransomware.
Keeping your IoT devices secure is still important, but the susceptibility to attack mostly lies with the people on your network clicking the mouse. It is often far too much effort to somehow hack your network through an IoT device when I can easily trick you into giving away the keys to the kingdom. Is it easier to dig a tunnel or trick you into giving me the keys?
What can we do to protect the church and our congregation?
Invest in cyber security services, both IT hardware/software as well as end-user training. Stewardship has some churches investing in some hardware and software but not in training the human side. The human firewall is less tangible but equally vital. Leadership also needs to find tech counsel they can trust so as tech decisions are made the big pictures and cyber security and awareness are part of the decision-making process. Too often churches get in a hurry and security is the afterthought. This is what makes churches easy targets.
Cyber Security for your church: closing thoughts
It is important to know these attacks are not sophisticated programming hacks where a bad actor is forcing his way into your network. The majority of these attacks are carried out by tricking folks into clicking phishing emails. You can have the best security system in the world but if you leave your keys on the front porch, or worse yet, give them to the bad guys, your house will get robbed. Falling for a phishing attack is like leaving your keys on the porch – hard to fuss when you get robbed when you gave away the access.
For more information on how to fight cyber security for your Smart Church, reach out to our team.