Posts Tagged ‘Data Strategies’

GDPR and the Golden Rule

Written by Jonathan Smith on . Posted in Articles

© 2018 by Jonathan E. Smith, all rights reserved
Director of Technology, Faith Ministries
Reprinted from MinistryTech Magazine
 

I know what you’re thinking. You’ve received numerous emails over the past few months about GDPR and you are sick of hearing about it. Seeing GDPR one more time makes you want to scream. I’m with you. I’ve gotten emails about GDPR from companies I have no record of ever interacting with, and I’m a geek so I keep track.

While traveling around the past few months since GDPR went into effect on May 25, 2018, I’ve been amazed at the number of questions folks are asking about it and the astonishing lack of information there is about it, especially as GDPR relates to churches and ministries. In an attempt to narrow the knowledge gap here is my best effort to tackle the GDPR issue, specifically how it relates to churches and ministries. Please note, I’m not an attorney, I don’t even play one on TV, so while I’ve done my research it is always good to ask your legal counsel to sign off on any plans or changes you may have or plan to implement in response to GDPR.

What is GDPR?
GDPR stands for General Data Protection Regulation. It was passed by the European Union to provide their citizens with more control over their personal data and to determine what those they’ve given their personal data to can do with it. In many ways, it could stand for Golden Data Protection Rule, one with a biblical worldview could sum up GDPR as the Golden Rule of Data, treating others data the same way you want your data treated.

The law also provides a few specific provisions for EU citizens. First, what is considered personal data is defined. Second, EU citizens can request their data be completely removed or can only be used for certain purposes. For example, you can contact me using my data but you cannot send me ads using my data. Third, organizations operating in the EU have to report any data breaches within 72 hours.

Reading what GDPR does you can understand why it was written. It took Equifax weeks to notify the world they had been hacked, GDPR addresses that. Your data on Facebook makes you the product, not the customer and you have no control over what Facebook does with your data, GDPR addresses that.

How does this affect those not in the European Union?
This is the biggest question surrounding GDPR and one the entire planet is struggling to understand. The European Union has 500 million citizens, so they have the ability to push their agenda a bit. The challenge for organizations operating worldwide is the EU has set the strictest of standards, so do you operate with multiple policies concerning data collection and use based on where the individual lives, or do you work off GDPR since that ensures the most people will be covered by your policies. If you don’t fully understand, you aren’t alone.

Some companies in response have stopped operating in the EU until they can figure this out. The issue is they operate in the EU and are storing data for EU citizens. GDPR states how you should do that if you meet both qualifications.

Enforcement
This is where the world of international law gets complicated. While GDPR tells you how you can/should store and use the information of its citizens, it cannot be enforced on organizations that do not have a physical presence in the EU. Let’s take Facebook for example; they have a large, lucrative presence in the EU. They have data centers, offices, etc in the EU. The EU is able to enforce GDPR because Facebook has a physical presence there. In other words, there is a location that can be seized, personnel that can be arrested, and executives that can be taken to court.

For organizations that do not have a physical presence in the EU, this does not apply. There is no office or data center or person they can hold accountable and the EU is not able to enforce its laws on those outside the EU, for example, in North America. That’s how international borders work.

Blah, blah, blah. How does this Impact Churches?
If you’ve skimmed the first part of this, that’s fine but this is the part in which to pay close attention. At its heart, the GDPR legislation is about being a good steward of data. While data can mean many things from name, address, phone number to t-shirt size and food allergies, it is important for us to remember in the church world: data means people and people mean souls. We did not need GDPR to tell us to be good stewards of the people our ministries serve.

The Bible tells us to be good stewards (1 Corinthians 4:2), the Bible also tells us to obey the authority (Romans 13), including governments, placed over us. In this case, it seems the EU is telling those who operate in the EU to do what the Bible says and be good stewards of data.

GDPR requires a few things I would hope churches around the globe are already doing:

  1. If your data is breached, report it within 72 hours. Even without GDPR, every church should have a data breach plan and procedure in place and want to be open and honest when mistakes happen. The church is the last place that should try to cover it up for weeks or months.
  2. If a user wants you to remove them from your database, remove them. Even without GDPR, every church should have a procedure to remove a record from their database if someone does not want any of their information stored within your organization.
  3. If a user wants you to email them prayer requests but nothing else, honor their request. Even without GDPR, you should be able to send folks what they want and not require them to get everything you send out. There is a difference between sending out prayer requests and fundraising requests. Do you allow folks to determine how you use their data?

I’m sure by now some of you are wondering about financial data. What happens when someone gives you money and then wants to be totally removed? In the US you are required to keep a record of financial transactions for 7 years. Even without GDPR, if someone wants to be removed, but they’ve given you money, do you have a procedure to remove them while still keeping the financial record for 7 years and then removing them completely when the 7 years are up?

Most churches don’t have a physical presence in the EU so there isn’t an issue here but what happens if you do have a presence in the EU and someone from the EU gave you money and then wanted to be removed from your database? The principle is to apply donor intent; they don’t want to be in your database so you treat them as if they weren’t there by removing everything you can until you can remove their record entirely.

While there may be several legal and international law issues at play here, I believe the core concept is not a legal one but one of ministry integrity. We should not have needed GDPR to tell us how to care for the data those we minister to have entrusted to us.

FAQ 

  1. We support missionaries or other ministries that operate in the EU and have a physical presence there; do we fall under GDPR?
    • No, the organization you support in the EU that has a physical presence there does fall under GDPR but you as an individual or organization supporting them do not.
  2. Should churches have data access and user rights policies?
    • Yes, even if in a basic format a policy showing who gets access to your data, for what purposes, and how you handle the data you’ve been given is important. It is also important to note how you handle requests for removal from your databases and/or email lists. With everyone talking about GDPR, you may find a guest or two asking if you have any data policies before they give you their children’s allergies when they check their kids in some Sunday.
  3. Should anyone lose sleep over this?
    • No, what we are talking about here is Golden Rule stuff. If you are losing sleep over GDPR then there are probably bigger issues to address in how you handle user data.
  4. Is this really new?
    • No, in 1995 the EU had a privacy policy called Data Protection Directive. It expired when GDPR was enacted. In many ways, GDPR further refines and enhances privacy and data protection provisions that have been around since 1995.
  5. What counts as data?
    • This is harder to answer because there is admittedly some subjectivity here. The obvious name, address, phone number, email address, SSN, picture, etc are pieces of data that can be used to positively identify a person. Recently an EU court ruled that under certain circumstances an IP address can also be considered personal data and is therefore subject to GDPR.
  6. If we take signups and collect data on our website, do we need to make changes for GDPR?
    • Only if you have a physical presence in the EU.

Next Steps 

  1. If your church or ministries do not have a data access and management policy, then get one. Even a basic policy and procedure for how you handle user data and requests is important and shows you’ve thought about it and care about it.
  2. This is not an IT issue nor should this be dumped on the IT team. While IT clearly has a role in data management, they should not be the decision makers. GDPR requires organizations operating in the EU to have a privacy compliance officer. This can be a new employee or a role added to an existing employee. While churches and ministries may not need a privacy compliance officer the concept of having someone constantly checking to make sure you are being good stewards of data and coordinating data stewardship across ministry and church departments and silos is valid.
  3. Get legal counsel. If you operate in the EU or are concerned you might, it would be wise to consult with a licensed attorney with experience in this area. Don’t try to figure it out on your own. The EU is intent on enforcing GDPR and no church or ministry should want to be on their radar.

The Golden Rule comes from Matthew 7:12 and Luke 6:31. “Do unto others as you would have them do unto you.” This applies to how individuals relate to each other in person and online, and to how organizations treat each other and those they serve. Whether we are talking about money, data, time, or talent the Golden Rule is more than just a rule or ideology from long ago; it is the Word of God.


Jonathan Smith is the Director of Technology at Faith Ministries in Lafayette, IN. You can reach Jonathan at jsmith@faithlafayette.org and follow him on Twitter @JonathanESmith.

Church & Donor Management Software – ChMS

Written by Nick B. Nicholaou on . Posted in Articles

© 2018 by Nick B. Nicholaou, all rights reserved
Ministry Business Services, Inc. President
Reprinted from inSIGHT

Solutions from church and donor management software providers keep improving in their ability to help churches and ministries fulfill their mission! Their features to track and communicate with people, their web and mobile device interfaces, and their powerful database tools make this category of software a big help and a valuable asset for today’s ministries in reaching many with The Gospel and discipling them.

Church Software Historical Perspective
In the mid-1980s the number of these programs had grown to 262! Then some merged, some consolidated, and some went out of business, reducing the number to only 34. In the 1990s the Internet made it so easy for those writing solutions to share them that the number of solutions more than doubled! Our research this year found 53 solutions focusing on the church and ministry market, of which 35 qualified for this article (requirements include active marketing, minimum growth, and active development of their solution).

We always include new providers (those three years old or less) to give them a chance to build some momentum and compete with ‘the big guys’. It also keeps all of the providers ‘on their toes’ as the up-and-comers sometimes develop new technologies that benefit many churches and ministries in new ways.

Why Church Management Software?
The solution providers on the following pages meet the sophisticated and complex needs of churches and ministries. Tracking more than just simple CRM datasets like names, addresses, and phone numbers, many of these also help build community and track traditional and modern family relationships, spiritual gifts, talents, interests, attendance, nursery security, contributions, fundraising campaigns, volunteerism, small groups, and more.

Church and ministry offices can be stressful workplaces because of the many deadlines that must be met by an administrative staff that is typically smaller in number than what would be found in a similar-sized secular business. Church management software, if well written, can be a soothing balm. If it’s powerful, capable, fast, and stable, the ministry team can rely on it to help them get the most possible work done– efficiently and with minimal stress. And if its abilities are broad enough, every ministry in the church or ministry can focus on just one database, increasing synergy and minimizing cost.

Church Management Software Defined
Decades ago Steve Hewitt, then Editor-in-Chief of Christian Computing Magazine (recently re-branded as MinistryTech Magazine), labeled this software category tailored to meet the needs of churches as Church Management Software, or CMS. To help prevent confusion since there are now so many software categories called ‘CMS’, it is now referred to as ChMS. Parachurch ministries need to track similar data, so we invited those solutions into this article too. Following is a well-researched list of the leading ChMS providers at the time of this writing, with each stating at the top of the feature chart whether their focus is church, parachurch, or both.

Not-for-Profit Accounting
Churches and ministries exist in a unique accounting niche that most software (and even most CPAs!) can’t help with. But many ChMS packages can help in this area.One of a ministry’s most vulnerable areas is finance. All too often we hear about churches and ministries that have suffered embezzlement by a trusted team member. One of the best protections in an accounting system is a good audit trail, tracking the detail of every transaction and whose data cannot be altered in any way. For these reasons, some ChMS providers have written their own fully-integrated accounting system.

Some churches and ministries want a ChMS that has a fully-integrated accounting system, and we list the functions they look for in the chart. Others may not care if the ChMS provider has written its own accounting system, and for them it’s good to know that most ChMSes can interface with ‘third-party’ accounting systems such as those in the chart that only provide nonprofit accounting solutions.

Feature Chart
We’ve tried to give you the most comprehensive and quickest format possible of those ChMS database and accounting functions ministry teams request most. We removed features provided by all ChMS providers to help focus on solutions’ distinct feature sets.

The chart lists solutions by the name their providers use to market them rather than by the company name. We include the company name in the section following the chart in which we give information on each provider such as how to reach them, how long they’ve been making their solutions available, how many organizations they currently serve, their support hours, and how often they update their software. We have trusted the software companies; all of the information in this article was provided by them and has not been audited.

The chart uses two symbols:

  • The ” 1 ” symbol indicates features ChMS companies provide directly, and
  • The ” 2 ” symbol indicates needs they meet through an outside (third party) source.

Happy Hunting!
Shop wisely. We recommend doing your due diligence and checking with current users of the software you’re interested in. Ask questions like:

  • Does the software do what was promised?
  • Is their support team capable and available?
  • If you were faced with the same decision today, what would you do differently?

Feel free to contact any of the providers listed.  They would love to help you in your ministry.  Happy hunting!

CLICK CHART IMAGE TO MAGNIFY

chms-chart

 

List of ChMS Providers in Chart

ACS
By ACS Technologies
Phone:  800.736.7425
Email:  solutions@acst.com
Web:  www.acstechnologies.com
Company Founded in 1978
Years Marketing ChMS:  40
Ministries/Campuses Currently Using:  8000
Number on Team:  400
Support:  9 – 8 M-Th Eastern; 9 – 6 Fri; 24∙7 option
Last Major Release:  11/2017
Updates per Year:  8

FastFund Online
By Araize
Phone:  866.840.7449
Email:  sales@araize.com
Web:  www.araize.com
Company Founded in 1997
Years Marketing ChMS:  21
Ministries/Campuses Currently Using:  1200
Number on Team:  10
Support:  9 – 5 Eastern
Last Major Release:  6/2018
Updates per Year:  Ongoing via web

Aplos
By Aplos
Phone:  888.274.1316
Email:  sales@aplos.com
Web:  www.aplos.com
Company Founded in 2009
Years Marketing ChMS:  7
Ministries/Campuses Currently Using:  5400
Number on Team:  44
Support:  8 – 4 Pacific
Last Major Release:  10/2018
Updates per Year:  Ongoing via web

FellowshipOne
By Ministry Brands, a division of Ministry Brands
Phone:  844.459.8525
Email:  Sales@fellowshipone.com
Web:  www.fellowshipone.com
Company Founded in 2004
Years Marketing ChMS:  14
Ministries/Campuses Currently Using:  2000
Number on Team:  43
Support:  7 – 7 Central; Critical 24∙7
Last Major Release:  11/2018
Updates per Year:  Ongoing via web

Blackbaud Church Management
By Blackbaud
Phone:  800.468.8996
Email:  solutions@blackbaud.com
Web:  www.blackbaud.com
Company Founded in 1981
Years Marketing ChMS:  1
Ministries/Campuses Currently Using:  10
Number on Team:  500
Support:  8:30 – 8 Eastern; Critical 24∙7
Last Major Release:  10/2018
Updates per Year:  Ongoing via web

FlockBase
By FlockBase Software
Phone:  877.883.5625
Email:  kevin@flockbase.com
Web:  www.flockbase.com
Company Founded in 2007
Years Marketing ChMS:  11
Ministries/Campuses Currently Using:
2500
Number on Team:  4
Support:  9 – 5:30 Central
Last Major Release:  1/2018
Updates per Year:  1

Breeze ChMS
By Breeze LLC
Phone:  888.320.6030
Email:  support@breezechms.com
Web:  www.breezechms.com
Company Founded in 2013
Years Marketing ChMS:  5
Ministries/Campuses Currently Using:  5441
Number on Team:  33
Support:  9 – 6 Eastern
Last Major Release:  10/2018
Updates per Year:  Ongoing via web

Fresh Vine
By Fresh Vine
Phone:  888.708.1905
Email:  contact@freshvine.co
Web:  freshvine.co
Company Founded in 2008
Years Marketing ChMS:  7
Ministries/Campuses Currently Using:  380
Number on Team:  3
Support:  10 – 5 Central
Last Major Release:  3/2017
Updates per Year:  Ongoing via web

CahabaWorks Church Software
By CahabaCreek Software, a division of 2AB
Phone:  205.621.9649
Email:  sales@cahabacreek.com
Web:  www.cahabacreek.com
Company Founded in 1997
Years Marketing ChMS:  10
Ministries/Campuses Currently Using:  1489
Number on Team:  10
Support:  9 – 4 Central M-Th; Email 24∙7
Last Major Release:  12/2017
Updates per Year:  4

IconCMO
By Icon Systems
Phone:  800.596.4266
Email:  sales@iconcmo.com
Web:  www.iconcmo.com
Company Founded in 1992
Years Marketing ChMS:  26
Ministries/Campuses Currently Using:
3000
Number on Team:  9
Support:  8 – 5 Central
Last Major Release:  11/2018
Updates per Year:  Ongoing via web

CCIS Shield CMS
By CCIS Church Management Software
Phone:  800.295.7551
Email:  Sales@ccissoftware.com
Web:  www.ccissoftware.com
Company Founded in 1981
Years Marketing ChMS:  38
Ministries/Campuses Currently Using:  6740
Number on Team:  60
Support:  8 – 5 Eastern
Last Major Release:  3/2018
Updates per Year:  3

Iglesia HOY
By JRSoftware
Phone:  52.1.664.2515478
Email:  informacion@iglesiahoy.com
Web:  www.iglesiahoy.com
Company Founded in 1999
Years Marketing ChMS:  19
Ministries/Campuses Currently Using:  3260
Number on Team:  6
Support:  8 – 6 Pacific
Last Major Release:  8/2018
Updates per Year:  4

CDM+
By Suran Systems
Phone:  800.891.4236
Email:  sales@cdmplus.com
Web:  www.cdmplus.com
Company Founded in 1987
Years Marketing ChMS:  32
Ministries/Campuses Currently Using:  6500
Number on Team:  24
Support:  8:30 – 6 Eastern
Last Major Release:  9/2018
Updates per Year:  3

MinistryPlatform
By Think Ministry
Phone:  678.404-2467
Email:  sales@thinkministry.com
Web:  www.ministryplatform.com
Company Founded in 2008
Years Marketing ChMS:  10
Ministries/Campuses Currently Using:  541
Number on Team:  14
Support:  9 – 6 Eastern
Last Major Release:  10/2018
Updates per Year:  6

Church Community Builder
By Church Community Builder
Phone:  719.266.2888
Email:  marketing@churchcommunitybuilder.com
Web:  www.churchcommunitybuilder.com
Company Founded in 1998
Years Marketing ChMS:  18
Ministries/Campuses Currently Using:  4400
Number on Team:  110
Support:  6 – 6 Mountain
Last Major Release:  8/2018
Updates per Year:  Ongoing via web

Parish Data System (PDS)
By ACS Technologies
Phone:  800.736.7425
Email:  solutions@acstechnologies.com
Web:  www.acstechnologies.com
Company Founded in 1978
Years Marketing ChMS:  40
Ministries/Campuses Currently Using:  8000
Number on Team:  395
Support:  9 – 8 M-Th Eastern; 9 – 6 Fri
Last Major Release:  11/2018
Updates per Year:  8

Church Windows
By Computer Helper Publishing
Phone:  800.533.5227
Email:  sales@churchwindows.com
Web:  www.churchwindows.com
Company Founded in 1987
Years Marketing ChMS:  31
Ministries/Campuses Currently Using:  12000
Number on Team:  25
Support:  9 – 6 M-Th Eastern; 9 – 5 Fri
Last Major Release:  8/2018
Updates per Year:  1

ParishSOFT Family Suite
By ParishSOFT, a division of Ministry Brands
Phone:  866.930.4774
Email:  parishsoftsales@parishsoft.com
Web:  www.parishsoft.com
Company Founded in 1998
Years Marketing ChMS:  20
Ministries/Campuses Currently Using:  11400
Number on Team:  65
Support:  8:30 – 7 Eastern
Last Major Release:  11/2018
Updates per Year:  Ongoing via web

Church360°
By Concordia Technology Solutions, a division of Concordia Publishing House
Phone:  800.325.2399
Email:  softwaresales@cts.cph.org
Web:  www.church360.org
Company Founded in 1869
Years Marketing ChMS:  8
Ministries/Campuses Currently Using:  1250
Number on Team:  25
Support:  7:30 – 5 Central
Last Major Release:  10/2018
Updates per Year:  Ongoing via Web

PowerChurch
By PowerChurch Software
Phone:  800.486.1800
Email:  info@powerchurch.com
Web:  www.powerchurch.com
Company Founded in 1984
Years Marketing ChMS:  34
Ministries/Campuses Currently Using:  38000
Number on Team:  17
Support:  9 – 6 Eastern
Last Major Release:  11/2017
Updates per Year:  Ongoing via web

Churchteams
By Churchteams.com
Phone:  817.405.9750
Email:  support@churchteams.com
Web:  churchteams.com
Company Founded in 2001
Years Marketing ChMS:  10
Ministries/Campuses Currently Using:  850
Number on Team:  8
Support:  8:30 – 5 Central
Last Major Release:  9/2018
Updates per Year:  Ongoing via web

Realm
By ACS Technologies
Phone:  800.736.7425
Email:  salesteam@acst.com
Web:  www.acstechnologies.com
Company Founded in 1978
Years Marketing ChMS:  5
Ministries/Campuses Currently Using:  6646
Number on Team:  370
Support:  8 – 8 Eastern
Last Major Release:  11/2018
Updates per Year:  26

ChurchTrac Online
By ChurchTrac Software
Phone:  877.704.0222
Email:  support@churchtrac.com
Web:  www.churchtrac.com
Company Founded in 2004
Years Marketing ChMS:  14
Ministries/Campuses Currently Using:  10200
Number on Team:  7
Support:  8 – 7 Eastern
Last Major Release:  11/2018
Updates per Year:  4

Servant Keeper
By Servant PC Resources
Phone:  800.773.7570
Email:  sales@servantpc.com
Web:  www.servantpc.com
Company Founded in 1994
Years Marketing ChMS:  24
Ministries/Campuses Currently Using:  35000
Number on Team:  30
Support:  9 – 6 Eastern
Last Major Release:  2/2017
Updates per Year:  Ongoing via web

COMS and EFA for Windows
By Specialty Software
Phone:  800.568.6350
Email:  sales@SpecialtySoftware.com
Web:  www.specialtysoftware.com
Company Founded in 1984
Years Marketing ChMS:  35
Ministries/Campuses Currently Using:  6400
Number on Team:  5
Support:  9 – 5 Eastern
Last Major Release:  10/2018
Updates per Year:  4

Shelby Arena
By Shelby Systems, a division of Ministry Brands
Phone:  800.877.0222
Email:  sales@shelbyinc.com
Web:  www.shelbysystems.com
Company Founded in 1976
Years Marketing ChMS:  11
Ministries/Campuses Currently Using:  650
Number on Team:  95
Support:  7 – 6 Central
Last Major Release:  11/2018
Updates per Year:  4

Cool Life Ministries
By Cool Life CRM
Phone:  800.988.8850
Email:  sales@coollifecrm.com
Web:  www.coollifecrm.com
Company Founded in 2005
Years Marketing ChMS:  2
Ministries/Campuses Currently Using:  7
Number on Team:  6
Support:  9 – 5 Eastern; Email 24∙7
Last Major Release:  11/2018
Updates per Year:  Ongoing via web

ShelbyNext
By Shelby Systems, a division of Ministry Brands
Phone:  800.877.0222
Email:  sales@shelbyinc.com
Web:  www.shelbysystems.com
Company Founded in 1976
Years Marketing ChMS:  42
Ministries/Campuses Currently Using:  1600
Number on Team:  95
Support:  7 – 6 Central
Last Major Release:  10/2018
Updates per Year:  Monthly

Donarius ChMS
By Nuverb Systems
Phone:  888.479.4636
Email:  question@nuverb.com
Web:  www.donarius.com
Company Founded in 1993
Years Marketing ChMS:  20
Ministries/Campuses Currently Using:  2360
Number on Team:  1
Support:  9 – 6 Eastern
Last Major Release:  6/2018
Updates per Year:  20

Software4Nonprofits
By Cooperstock Software
Phone:  416.423.7722
Email:  info@software4nonprofits.com
Web:  www.software4nonprofits.com
Company Founded in 1999
Years Marketing ChMS:  19
Ministries/Campuses Currently Using:  8000
Number on Team:  3
Support:  9 – 9 Eastern
Last Major Release:  10/2018
Updates per Year:  6

ELEXIO Community
By ELEXIO, a division of Ministry Brands
Phone:  888.997.9947, x1
Email:  sales@elexio.com
Web:  www.elexio.com
Company Founded in 2000
Years Marketing ChMS:  18
Ministries/Campuses Currently Using:  1200
Number on Team:  50
Support:  9 – 5 Eastern
Last Major Release:  11/2018
Updates per Year:  24

Software4Nonprofits
By Cooperstock Software
Phone:  416.423.7722
Email:  info@software4nonprofits.com
Web:  www.software4nonprofits.com
Company Founded in 1999
Years Marketing ChMS:  19
Ministries/Campuses Currently Using:  8000
Number on Team:  3
Support:  9 – 9 Eastern
Last Major Release:  10/2018
Updates per Year:  6

Faithful Steward
By Diakonia
Phone:  800.325.6642
Email:  info@faithfulsteward.com
Web:  www.church-software.com
Company Founded in 1992
Years Marketing ChMS:  24
Ministries/Campuses Currently Using:  1086
Number on Team:  3
Support:  9 – 5 Central
Last Major Release:  4/2018
Updates per Year:  Ongoing via web

TouchPoint
By TouchPoint Software, a division of Pursuant
Phone:  901.654.7179
Email:  sales@touchpointsoftware.com
Web:  touchpointsoftware.com
Company Founded in 2008
Years Marketing ChMS:  10
Ministries/Campuses Currently Using:  554
Number on Team:  15
Support:  8 – 5 Central
Last Major Release:  11/2018
Updates per Year:  12

 

Five Things Worth Doing in January

Written by Nick B. Nicholaou on . Posted in Uncategorized

© 2017 by Nick B. Nicholaou, all rights reserved
President, Ministry Business Services, Inc.
Reprinted from MinistryTech Magazine

January, 2018! The start of a new year! New beginnings are part of the Christian life, and January is a great time to make certain a few IT items are ready for the New Year. Let’s focus on protecting systems and data….

Firewalls
The most common entry point for malware and other system ills is the internet. The best way to protect your system and data from bots, rascals, and compromised websites is to be certain your firewall is adequate and is current. Some points worth examining:

  • Is your firewall adequate? There are many options to consider when buying firewall solutions– whether hardware or software. My firm’s preference is SonicWALL firewalls (we don’t sell or benefit from our hardware and software recommendations). We find the features and price point are a good ‘sweet spot’ for churches and ministries. Yes, you can buy more expensive and capable firewalls, but very few churches and ministries benefit from any features beyond what SonicWALL includes in their firewalls. We also recommend purchasing their Total Secure package, which can filter internet content.
  • Is your firewall subscription current? Regardless of which firewall you use, make certain that if it requires a subscription to stay current, your subscription is current and in force. Not doing so is the equivalent of welcoming intruders, rascals, bots, and malware that have developed new methods for gaining access to your systems and data.
  • Make certain there is no connection from your systems to the internet that don’t go through your firewall. We have seen many churches and ministries mistakenly connect their internet connection directly to their network switch. The internet connection should connect to your firewall, and then your firewall to your switch so that all internet traffic MUST go through it.

SPAM
The second most common way for malware to access your systems and data is via email attachments and links. SonicWALL is not our preference for this important role; we prefer the Barracuda SPAM Filter. It is best of breed and a best practices solution.

My firm inexpensively hosts SPAM filtering for many churches and ministries. I don’t mention that to try to sell our service, but to point out that we were surprised to see how many users of Microsoft O365 email use our hosted SPAM filtering solution (yes, we use a Barracuda SPAM Filter, model 600). We moved our email to O365 for six months and were shocked at how much SPAM got through Microsoft’s filter! Now we know why so many O365 users have their email scrubbed by other solutions!

Anti-Malware
Protecting systems and data requires multiple layers. An important one is your anti-malware solution. And simply purchasing and installing it is not enough! These solutions also have subscriptions that keep them updated and identifying new methods used to cause  harm. It is essential that the subscription on your anti-malware not be allowed to lapse– the same as your firewall subscription. I know churches and ministries that have been hit by new ransomware methods because they didn’t keep their subscriptions current.

The anti-malware my firm recommends is Thirtyseven4.com. It is capable, and it is reasonable in cost.

BTW… it should be installed on every Windows and Mac computer– whether notebook, tablet, desktop, or server. Some say it’s not necessary on Macs, but that isn’t true. Even though few anti-malware threats are written to impact Macs, Macs can be carriers that infect shared data drives and more.

Passwords
What is your password policy? Here are some quick thoughts on this important topic:

  • Passwords should be strong (minimum of 7 characters that include uppercase and lowercase alpha, numbers, and common punctuation).
  • Passwords should not be required to periodically change! Our firm has been saying for many years that forcing users to change their passwords actually lowers system security. In 2016 the U.S. Federal Trade Commission agreed with us based on two studies! You can read about it at https://www.ftc.gov/news-events/blogs/techftc/2016/03/time-rethink-mandatory-password-changes.

Backup
Some say protecting the integrity of system data is IT’s most important responsibility. Do you have a comprehensive backup strategy? And do you test it? An untested strategy is dangerous! Here’s what we recommend:

  • Establish a strategy that makes certain all important data is on your server. This is worth doing because 1) it is the organization’s data, and 2) it eliminates the requirement that all systems need to be connected to the network (facilitating notebooks, etc).
  • Backup all system data nightly to an appropriate device. LTO tape is the most affordable and durable technology for this, and is preferred by most of corporate America. Our favorite backup solution is Veeam. It’s powerful, easy to use, and they offer churches and ministries very reasonable pricing.
  • Take a copy of your backup tape off-site weekly to protect your organization from a larger disaster.
  • Create a monthly task in whatever task tracker you use (like Outlook) to test the backup. You can do this by restoring a random file or folder, and then confirming that the restored files are intact.

These five things will likely take less than an hour to check, and can help ensure that your organization’s systems and data are well-protected for 2018! Happy New Year!

Helpful Computer Hacks

Written by Nick B. Nicholaou on . Posted in Articles, Uncategorized

© 2017 by Nick B. Nicholaou, all rights reserved
President, Ministry Business Services, Inc.
Reprinted from MinistryTech Magazine

I grew up in an age when a ‘hack’ was someone who was incompetent. In those days there were no personal computers or mobile devices. Now everyone has access to multiple computers and various mobile devices. And wouldn’t you know it– ‘hack’ has a new meaning! Today a hack can be a clever way to get things done well.

Following are some hacks that can really help improve your efficiency on a computer!

Hacks for Computer Users
The following hacks are especially helpful for computer users.

Keyboard shortcuts. In today’s world of Windows and Mac operating systems we have become dependent on pointing devices. Granted, those devices are very helpful. But before these current operating systems, we used keyboard combinations to do some of what we now do with a mouse or track pad. Those keyboard shortcuts are still available to use, and they can save time! Here are six I still use often:

Function

Windows

Mac

Print

Ctrl + p

⌘ + p

Copy

Ctrl + c

⌘ + c

Cut

Ctrl + x

⌘ + x

Paste

Ctrl + v

⌘ + v

Italics

Ctrl + i

⌘ + i

Bold

Ctrl + b

⌘ + b

Multiple Monitors/ Displays. For those who’ve always used one monitor or display, having two or may three seem excessive. But the increase in productivity with two or three is surprising! I always recommend at least two now; the cost is minimal and the benefits are significant! My desk is configured with three: the one on my left always has Outlook running on it, the one in the middle is where I do most of my work, and the one on my right is for research references (browser, database, etc). I also find it helpful when opening large spreadsheets to stretch them across my middle and right displays!

Recurring Tasks. We all have them: recurring deadlines that are due every Wednesday, once a month, quarterly, etc. I use Outlook’s task functionality to set the reminders I need to help me hit my deadlines. This is one of the most helpful and least used tools available. I also use Outlook tasks to remind me to do things I’ve promised to do, helping me avoid them falling through the cracks of my active schedule.

Managing Email. Email consumes a larger part of our days than most of us want. I have three email hacks that help me stay focused and efficient, even though my average daily email count is well over 100.

  • Inbox. I keep my Inbox as empty as possible so I don’t waste time reading the same emails over and over. When an email comes in I either respond and then delete the original (a copy of the original is in my response!), put a flag (due date) of when I want to respond by and drag it to a subfolder based on the type of email it is (personal, business, etc), or delete it if it’s one I don’t care about (like an ad).
  • Sent Items. Once I send an email I delete it unless I need a reminder that I’m waiting for a response or it was a topic that could have legal ramifications (if it was, I make a PDF copy and store it).
  • Trash. I empty my trash at the end of every day. In the rare case that I need to find something I deleted, I log into our email server via browser (using Outlook Web Access), search deleted files, and restore it.

Automatic Backup. I always feel bad for someone who says a hard drive crashed and they lost all of their files, including photos that were irreplaceable. Losing important files is painful. There are many cloud services available to consumers that will automatically back up files to their cloud servers. There are also utilities in the Windows and Mac operating systems that will automatically back up files to an external drive.

Hacks for IT Professionals
The following hacks are especially helpful for IT professionals.

System setup checklists. As IT pros, we often set up new systems. If the process isn’t automated, I recommend creating a checklist to help achieve standardization. In addition to improving setup consistency, checklists save time because you don’t need to review your work to determine what you’ve already done after an interruption.

Professional Relationships. It’s so helpful to build friendships with people you can turn to when a challenge comes up that stumps you! Those ‘lifeline’ calls can save so much time! The best professional organization I’ve found for those in church and ministry IT is The Church IT Network (http://churchitnetwork.com). They have a low-cost annual gathering in the Fall, and low-cost regional gatherings in the Spring.

Monthly Backup Test. Set a task in Outlook to test your backup monthly. A good test is to restore a file or folder structure and then open the file(s) to verify the backups you’re relying on are good.

Those are some hacks that can really help!

Don’t Become a Cybercrime Victim

Written by Nick B. Nicholaou on . Posted in Articles, Uncategorized

© 2017 by Nick B. Nicholaou, all rights reserved
Ministry Business Services, Inc. President
Reprinted from inSIGHT

The most current stats published by the FBI (2015 via ic3.gov) show they received nearly 290,000 cybercrime complaints that year, with an associated loss of $1.1 billion! At the time of this writing a new ransomware called WannaCry (aka WannaCrypt) is infecting computers worldwide. Are you and your data safe? What do you need to do– and not do– to be safe?

Age Groups Affected
The two age groups most impacted by cybercrime are ages 20-39, and ages 40-59, and both of those groups are about evenly split. Together they account for 80% of cybercrime victims in the U.S. Thatmakes sense when you figure that those under 20 (4% of victims) don’t have much to spend online, and of those over 60 (16% of victims), only a portion of those are heavy computer users. So, what the stats seem to say is that if you use a computer, you are equally at risk no matter what your age is.

How Do Cybercrime Infections Happen?
Most cybercrime happens one of two ways:

  1. Via Email. An email appears in your inbox that has a link, graphics, or a form to complete, or may appear to be from someone you know (known as spear phishing).
  2. Via Infected Websites. Websites, even those that are legitimate, can be infected with malware easily if their hosts are not keeping up with security patches and strategies. Criminals can buy inexpensive ‘crimekits’ that look for and infect vulnerable websites. We’ve even seen that happen to church and ministry websites!

How to Protect Yourself and Your Data
Let’s address this in the two categories of email and websites.

  1. Via Email. There are a number of things you can do and are best not to do to help in this area:
    • Make certain your email is scanned by a capable SPAM filter to help minimize the number of dangerous emails that get to your inbox. I say minimize because some will still get through even the best SPAM filter; those are often referred to as zero hour emails. Zero hour emails are newly introduced methods and strategies that have not yet been identified as a pattern of dangerous email.

      Our firm prefers Barracuda SPAM filters. We even tested Microsoft’s O365 SPAM filtering solution, and found that it let many more unwanted emails through than the Barracuda– especially­ from other O365 email accounts.

    • The FBI warns as follows:
      • Do not click links in emails. I modify their warning, that you can click only if you first hover your mouse over the link, which will show you where it wants to take you. If you’re not certain the destination is safe; do not click the link.
      • Never reply to senders you don’t know. This gets tricky, though, because the sender can be spoofed, as in spear phishing. If you want to reply to someone– even someone you know, look at the email address in the ‘To’ field when you’re composing your response to be certain that address is what you expected to see there before clicking ‘Send’.
      • Do not fill out forms in emails.
      • Do not open attachments in unsolicited email.
      • Be skeptical of those representing themselves as surviving victims or friends in need.
    • I add one more item to the FBI’s list. Immediately delete SPAM emails, and empty your deleted items daily.
  1. Via Infected Websites. I recommend two methods of protection in this area:
    • Use a good firewall to protect your entire system from dangerous content transmitted from websites. The better firewalls let you filter content, but for this discussion, the focus is on protecting your systems from malware. Typically there is a subscription from the firewall provider that must be kept current to protect you from newer methods and strategies.

      The firewalls my firm recommends are SonicWALL firewalls running their Total Secure subscription package. We find those to be the sweet spot of features, protection, and cost for churches and ministries.

      If you’re a consumer vs an organization, check with your Internet Service Provider (ISP) and confirm with them that they have all of the protections turned on in the modem or router they provided.

    • Use a capable anti-malware solution on your computers– whether Windows or Mac (yes, Macs get infected too, regardless of what many say). The solution my firm likes most is Thirtyseven4.com; it is capable and reasonably priced.

Finally, keep a history of total data backups to help you recover from an infection that somehow slips through. There are no total guarantees of protection, and having a history of backups available (we prefer a full month of daily backups to cover an infection that has an incubation period and doesn’t ‘go live’ and get noticed for awhile), you should be able to recover from any infection that happens.

What About WannaCry Ransomware?
WannaCry takes advantage of a Windows vulnerability that Microsoft patched months before the outbreak occurred for all their supported operating and network operating systems. That said, it is important to keep your systems and apps up to date regarding patches; many of the updates are security-related.

It appears WannaCry is gaining access to files from people responding to a spear phishing attack. Be cautious with the emails in your inbox!

If you are running an unsupported Microsoft operating system, like XP, Windows 8.x, or Server 2003, Microsoft recently released a patch you can manually download and apply to shore up the vulnerability WannaCry exploits. Here’s a link directly to Microsoft for help:

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/.

Don’t become a victim of cybercrime! These are easy-to-implement strategies and disciplines that you, your staff, and your family can adopt. And there will likely come a time when you’ll be glad you did.