It seems like we read about another data breach daily. As churches move more of their operations, including accounting and contributions, to the iCloud, it is increasingly important to be diligent about keeping your computers, network and on-line accounts safe and secure. This is especially true for systems that access bank accounts, have donors’ credit card information or employees’ social security numbers. Your systems are only as secure as the weakest link. For this reason, it is important for the church to implement and enforce policies regarding passwords.
If you walk through the building and see passwords written on post-it notes attached to a computer, you need to implement a new policy. Also, a recent study found over 21,000 stolen passwords used “Jesus” as part of the password. Other easily hacked passwords included popular Bible references, such as “Jeremiah2911” or “John316.” Hackers use software that search for common words and phrases and can easily crack these types of passwords.
Whenever available, use a 2-step verification, where a code is sent to your smart phone or email to confirm you are the one trying to access the account. While not convenient, they provide a dual layer of security.
Have an IT audit by a local to make sure your computer hardware is up-to-date. Also, visit us-cert.gov for more information on cyber security.