① ②
PROTECTING YOUR CONGREGATION’S SYSTEMS
Securing an environment of Windows platforms from abuse—external or internal—is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted.
—Gene Spafford, from an e-mail to organizers of a workshop on insider misuse
Security is no longer an option. It is a requirement. The days of relegating security for congregational technology systems to the back burner is over. Security issues have moved from a low priority—as in we will do something but we do not want to spend a lot of money on it—to an area of primary focus. Yes, the same Gene Spafford, professor of computer sciences and philosophy at Purdue University and who we quoted above did say that, “People in general are not interested in paying extra for increased safety. At the beginning seat belts cost $200 and nobody bought them.” But, as Gene knows, we use them now because they save lives. The same is true with computer security. It saves your data’s life!
Security was a fairly minor consideration when we began developing our Computers and Ministry curriculum in 1998. Back then we gave the topic limited time. We had to present so many other topics that we decided that security could be left to casual conversation. We addressed it with our larger congregations—when needed. By 2000 this had changed dramatically—both for congregations and our approach. With the proliferation of broadband Internet access, “smart” viruses, and hacker attacks, it was obvious that security was an area that needed addressing.
These days everybody knows that security is important. Even humorist Dave Barry writes about it. That shows it is serious. But there is no cause for panic; if you take precautions, that is. The likelihood of someone intentionally causing harm to your congregation’s systems is unlikely—but not impossible. People do strange things. If they are angry with your congregation, for whatever reason, or just malicious, digital debauchery is a way for them to “rough youse up.”
In the summer of 2001 Gartner Group technology consultants and the U.S. Naval War College decided to see how vulnerable computer systems really were. They determined that, “The Internet has its vulnerabilities, including viruses and hackers, but most could be eliminated if companies followed basic good-housekeeping practices, such as keeping server software up to date” (The Wall Street Journal, December 16, 2002, B1).
So, what do we mean by security? Security threats include these three primary areas, which we’ll look at individually:
I AM SORELY AFFLICTED
Viruses are the best-known security threats. They are also the most likely to cause problems for a congregation’s technology systems. Computer viruses, much like human viruses, are germs or destructive genes. They enter a computer system and cause harm. Like human viruses, once in the system they can multiply, grow, and infect other systems. You have to “inoculate” a system to remove these viruses. For computers the antibiotics are called anti-virus software. This software searches out the virus. It then scrubs the system until it is virus-free. You cannot stop there. That is because if the system is left unprotected—doesn’t get its inoculation booster shot—it is likely to be infected again with other viruses.
Years ago the primary method for infecting computers was physically transferring files from one machine to another. Aaron once worked on a document at home, saved it to a floppy disk, and then copied that file onto his work computer. He didn’t know that there was a virus on his home machine. He unwittingly copied it to his work machine. That machine was on a network with 10 other machines. They all got “sick.”
Back when this way of transferring infections from one machine to another was problematic, the solution was simple. You prohibited users from moving files between machines. It was easy to keep viruses from spreading this way. Systems administrators just took the floppy drives out of the computers. Problem solved!
Then came e-mail. The proliferation of e-mail made infection much easier. Now, not only was it possible to accidentally infect others by sending them an e-mail with a file, but clever coders learned to implant e-mail infections in an e-mail. All without either the sender or recipient knowing they were there. That meant that anyone could infect a whole office by simply opening and reading a virus-laden e-mail. The Internet has made the problem worse, especially with its high bandwidth and many computers today utilizing always-on connections. The culprits have now figured out ways to introduce viruses without a user doing anything except having a connection to the Internet.
Although sneaky and possibly destructive, it is possible and rather simple to protect from viruses.
The first line of defense is the aforementioned anti-virus software. This software is the immunization for a computer system. Such software has two functions: (1) to prevent viruses from entering a system and (2) if a virus does make its way in, to remove it and keep it from doing harm to the computer system.
There are many manufacturers of anti-virus software. The two most prominent names are Norton Anti-virus (by Symantec) and McAfee (by Network Associates). This software is inexpensive—usually less than $50 per machine—and it does an excellent job of preventing and removing destructive viruses.
There is a catch, though. New viruses are created daily—sometime hourly. It is imperative that your virus definitions—those additions to the immunization software—are updated often. Daily is not too frequent. This is done by connecting to the Internet and downloading new virus definitions. Both McAfee and Norton make that an automatic and relatively easy task.
For congregations with local area networks, we highly recommend one of the server-based versions of these software titles (Norton Corporate and McAfee Total Virus Defense Suite). These packages let the administrator install server software. This then pushes the installation out to all the client machines. That way the virus definition updates need only happen on one machine—the server. The server then updates all of the client machines. This is not only easier to manage, but it’s often less expensive than purchasing a desktop version for each machine.
The second line of defense for virus protection is what’s called a firewall. A firewall for a computer system is the same as a firewall in an automobile. Instead of a piece of steel protecting the occupants of the car from an engine compartment fire, it’s a piece of software or hardware that protects the computer user from a virus or hacker attack. A firewall lets a computer user control exactly what is allowed to enter the computer or network.
This can be done with hardware or software. Hardware versions, such as those from Cisco, Sonicwall, and WatchGuard, offer relatively simple, plug-and-play solutions for firewall protection. Normally you can install and have these devices operational in a short time. Software, like offerings from Symantec and Black Ice Defender, do a great job of protecting computer systems from prying eyes. However, we find the software solutions slightly more difficult to set up. If you are protecting more than one machine on a network, then they should be installed on the server or machine that is controlling Internet access.
WHERE THIEVES BREAK IN AND STEAL
The next kind of security threats are intentional attacks. Often called hacking, this type of hazard comes from someone intentionally attempting to break into your computer. They might be trying to get information that might be useful (such as banking information, financial records, passwords). Most hackers just like to cause problems and mischief. The proliferation of full-time Internet connections has given hackers an easier go at their craft. Fortunately, for congregations, intentional hacking is highly unlikely. It is hard to pull off and fairly easy to prevent.
Again, the first line of defense is a firewall. Just as with virus prevention, a firewall keeps unauthorized prying eyes out of your business. A firewall is solid protection from all but the most determined hackers.
Another important way of keeping unwanted visitors out of your network is to use “dummy” IP schemes. For those unfamiliar with IP (Internet protocol) and its intricacies, don’t worry—your consultant or technical vendor will be conversant with this terminology. Simply put, this method has you assign a fake or unrecognizable IP address to machines on your network. That means that even if someone penetrates your firewall, the unwanted visitor is stopped there. Dummy IPs make that person unable to access any of the information on the machines or server. It also gives you a little bit of satisfaction knowing that someone out there has spent an inordinate amount of time trying to break into a network—only to find out that they can not access any information.
I HAD NO IDEA THAT IT WOULD DO THAT!
The final type of security threat, which is without a doubt the most destructive, is the unintentional one. As the name suggests, this category includes all those accidental goofs we all encounter. Things like someone downloading a file from home, bringing it to the office, and unknowingly infecting the LAN with a virus. Like Aaron did. Or a user receiving an e-mail that looks like it is from a friend when it is a virus veiled as a friendly e-mail. Like Brent. Or a user checking their home Yahoo or Hotmail account while at the congregation, seeing what looks like a funny video file from a friend, and opening it on their work computer—except that the file contains a virus, not a video from a friend.
These are common scenarios. If they are unfamiliar to you, well, you just haven’t been using computer technology long enough!
In addition to being the most destructive, these unintentional attacks are the hardest to protect. Most often these assaults are totally benign. Many come from just plain carelessness.
LAYING DOWN THE LAW
The first line of defense for all these security threats is designing and implementing a clearly stated set of “Acceptable Technology Use Policies.” Appendix G shows one example of an acceptable use policy. Everyone who uses a computer in your congregation—whether they are paid staff or volunteers—needs to understand what is acceptable and what is not. Be prepared for some initial unhappiness. Users may see this as usurping their authority. It is often hard to convince someone—especially a pastor who has a lot of congregational authority—that he or she cannot download and install software without the administrator’s permission. What they need to understand is that it’s about protecting everyone’s information, including their own.
It is much easier for one person or a small group to keep track of software installations across the enterprise than it is for each person to be responsible for his or her individual machine. When they still refuse to believe it, then you will have to create an enforcement mechanism. This sounds harsh, but it is something we recommend that you do whether you have stubborn users or not! The easiest way to control your computers is by using group policies. This requires a dedicated server that is running either a Windows NT or Windows 2000 server. These server operating systems allow the administrator to decide who can do what.
For instance, it is possible to prevent users from installing or deleting software, adding or deleting printers, changing passwords, or from erasing needed system files by mistake. Although this may sound too much like “big brother,” it is standard operating procedure for most network administrators. It has less to do with controlling what users do than it does with keeping things standardized and simple.
FILTERING—IT’S NOT JUST FOR WATER ANYMORE
Many times when people think of security, what they are thinking of is filtering. While it is a form of security, it is the opposite of traditional network security. For example, where a firewall keeps people on the outside from getting in, a filter keeps people on the inside from getting to certain things on the outside. Filtering is used almost exclusively for Internet access. It is used to keep users from intentionally or unintentionally browsing objectionable Web sites.
To filter or not to filter can be a more difficult question than it appears. For office staff, some congregations see limiting their Internet access as a violation of trust and free speech. For others, there is no question that, based on their theological perspective, they must use filtering. These are difficult decisions.
When it comes to children accessing the Internet, however, many feel very differently than they do about staff surfing. Many congregations now have computer labs for kids to do homework or learn computer skills. It is not uncommon for children to stumble mistakenly upon objectionable Web sites. There are companies that intentionally misuse Web addresses that they hope people will try—and erroneously lead them into a site they did not want to access, such as a pornography site.
Filtering is available in several ways. Software such as NetNanny does a decent job at keeping most computers protected. However, they rely on you to make sure they stay updated with the latest database of obnoxious Web sites. These sites, much like viruses, change daily. That makes the software ineffective if not constantly updated.
That is why we recommend filtering services. These install a small piece of software on each client machine. When a user types in a Web address, the reply goes to the filtering service provider first. If the site matches a taboo site in their database, which is constantly being updated, it is prevented from showing on the users’ computer without a password. Unlike filtered ISPs, these filtering services can be used with any Internet connection, whether it is dial-up, DSL, ISDN, or T-1.
THE PASSWORD IS . . .
The final—and simplest—method of managing security is passwords. A congregation’s network is only as secure as its weakest password. They are often very weak. It is far too common for congregations to allow users to establish passwords that are not difficult to guess. The most common passwords are password, secret, and jamesbond (really!). Make users establish passwords that are hard to guess—no nicknames or birthdates. Make sure users change them periodically, too. Also, make it clear that sharing passwords is not okay. This sounds silly, but it is one of the most common security weaknesses. Finally, do not make passwords so difficult that they cannot be remembered. If users have to write them down, then someone who should not will find them. There goes your security!
BACKUP, BACKUP, BACKUP (REPEAT DAILY)
After you have protected yourself, there is one last thing you can do. Back up your data—that is the ultimate security device. We cannot say enough about backing up your data—but we are only allowed to put so many words in this book, so we will take just a couple of paragraphs.
Many times congregations do not even think of backing up data. Not until there is an emergency that could have been averted if regular backups were a part of normal operations, that is. By then it is too late.
That is why you need to back up data regularly. Daily is not too often. If your congregation is networked, then you can save everyone’s user files on one computer and back that information up every night. If you use CMS and accounting software, you want to back up the data every night. You do not have to back up programs. Those are easily restorable from the original CDs (assuming you own a license and have the original CD). Always store your backups somewhere safe. That is not in a box under your desk or in the server room. Take them offsite. That way, if your church would have a fire and all your computers were destroyed, your data would be somewhere else. It would be safe and restorable. As soon as new computers are online, you could do a simple reinstallation of the original software and then restore the data. You will be back in business.
Too many congregations have experienced the horror of losing all their data with no backup and no way to recover other than starting from scratch. You do not want to be one of them.
There is good reason that this subject belongs in the security chapter. That is because sometimes the last resort to fixing data corrupted by a virus or inattention or stolen password is replacing it with data that has been recently backed up.
There is no excuse for not doing this. Backups are easy and inexpensive. And backup software can be set so that it will run unattended. It can literally save your data’s life. There are several very good backup software titles including Dantz Retropect and Veritas Backup Exec. There are different software versions depending on whether you’re backing up servers or desktops (or both). Microsoft Windows Server versions also come with a scaled-down version of Veritas Backup Exec already installed. This is often adequate for most congregations.
CHECK FOR INCOMING ELECTRICITY
Security is crucial for today’s congregations. If you ignore this topic, then you risk turning your computer into a doorstop years ahead of its time. And that is the best-case scenario. The worst-case scenario is that someone will destroy all your data, steal your financial information, and clean out your bank account.
Dave Barry’s “Keyboard Korner” (“the computer-advice column that uses simple, ‘jargon free’ terminology that even an idiot like you can grasp”) of December 14, 2003, suggests three things for making your computer secure. The first is to “get rid of teenagers.” The second is to “check for incoming electricity.” The final one is to “curl into a fetal position and remain under the desk.” This is good advice. Well, it is funny advice. Better advice is to install anti-virus and firewall protection. Update your passwords regularly. Back up your data.
If you do those things, you will find your computers “safe and secure from all alarms.”