In the digital age, it can be overwhelming to hear about data breaches, compromised credit card information, and scams that seemingly run rampant. Unfortunately, churches are not immune to these threats. The good news, though, is that there are simple ways you can keep your church’s data more secure! The following tips are a great starting point for keeping your information secure.
Passwords
Passwords are your first line of defense for account security. Make sure to update passwords regularly—at least every 90 days—to reduce your chances of security being compromised. Never reuse passwords across different services or websites, lest a breach in one service give a bad actor access to every other website where that password was used. In addition, it’s important that you don’t share passwords with anyone, and don’t write down passwords or leave them in easily accessible locations. Consider using a password management service to keep things organized and secure.
Passphrases are a great tool to employ when creating passwords. In essence, a passphrase is made up of multiple words, making it harder to guess for a hacker, but more memorable for you. An example of a passphrase is “Johnnystolemygumballin3rdgrade!” With a passphrase like this, you have the security of a long and obscure password, yet the simplicity of a phrase unique to you.
Another wise choice is to utilize multi-factor authentication whenever possible. We all groan when we have to grab our phone or open our email to retrieve a security code when logging into accounts, but in the off chance that someone is trying to access your account, you will be glad to have the extra protection! Additionally, Passkeys are a new form of two-factor authentication that completely negate the use and need for a password. Make sure to use best practices when using passkeys to ensure top security.
Congregational Information
Your members trust their church with their personal information, confidential prayer requests, and hard-earned tithes and offerings. It’s important to honor this trust by being careful with what you share online. For example, if your church publishes newsletters or bulletins online, or live streams services, make sure to thoroughly vet what is shared. Your quilting club might be comfortable having a member’s address published for the church to see, but not so comfortable sharing it with the whole internet!
A great way to protect confidential information is to employ password-protected pages on your website. This way, information will stay solely in the hands of those for whom it is intended.
It is imperative that churches are thoughtful in how they distribute church directories. Directories are a wonderful tool for members to reference, but in the wrong hands, they divulge names, photos, and personal information that can be used nefariously. That being said, make sure you send directories only to addresses that have been recently verified.
Church Giving
When dealing with your members’ firstfruits, tithes, and offerings, it is your obligation to treat eGiving with utmost security and care. This is why you should use only official channels for eGiving to maximize security.
Another crucial piece of advice is to make sure your congregation knows how your pastor asks for money, and how he doesn’t. For example, your pastor might encourage tithing or fundraising through official church channels, but he will not request financial help over text messages, emails, and such. Scammers often prey on the generosity of church members by impersonating pastors and requesting funds through gift cards, Venmo, and the like. Members ought to be informed of how they will be contacted by pastors and church staff. That way, if they receive a text from a fishy number, or an email from an unfamiliar domain, they have a reduced chance of being duped.
We hope these tips, though not exhaustive, help you secure your church’s data. Discover more ways to keep your church’s technology secure with this free download of our eBook Computer Security for Your Church.