Has your church considered the value of its electronic data assets? Can you even begin to put a price tag on its worth? Are your church’s data properly protected from unauthorized viewing, corruption, loss due to fire or theft? Your data is no less valuable, and deserves the same sorts of protection, as your buildings and their contents.

You may never have considered the importance of your data, or the need to protect it. Some data is critical to the long-term mission of the church, some are critical for day-to-day operations, while some are confidential and need to remain so.

Here’s the question which needs a definitive answer: “How would our church, its ministries, and operations be affected if our data was destroyed, stolen, or publicized?”

Consider how effectively your congregation is protecting critical data, which might include:

Databases

Churches traditionally collect names, birthdates, and other personal or contact information on members, attenders, and donors. Information your church may collect to better serve your congregation may include attendance, baptism, and contributions. Churches are likely to have more than one database which may be stored in several church computers, personal computers, smartphones, or tablets.

Multiple databases and storage devices increase the complexity of protecting critical data from loss, theft, or simply prying eyes. Databases come in a variety of forms, whether they are true databases, spreadsheets, or document files.

Sermons and Lesson Preparation

How many sermons has the pastor written and stored in a church computer? What about illustrations and other sermon aids? How much has been spent on gathering those resources? Is there a backup of those resources?

Communications

What sensitive information is unprotected in letters and email – both internal and external – between church employees, and employees and volunteers, employees and vendors? Does the church send mass emails with everyone’s email address in the open, possibly violating their privacy in doing so? Are text messages being monitored from or between staff members or others that could contain sensitive information not meant for public disclosure?

Graphic Files

Where are files being stored of the church’s weekly bulletins, promotional materials, audio and video recordings of worship services and other events? Are they all backed up? What about electronic materials, stock photos, or line art that you have purchased?  

Corporate and Government Documents

Where are the church’s Articles of Incorporation, Bylaws, bank records and financial reports, FEIN letter from the IRS, copies of state and federal employer tax returns, property records – deeds, tax bills, building permits? And what about other critical documents such as insurance policies, claim files, or contracts with vendors such as landscapers, custodians, and tradesmen? If digitized, are they properly and frequently backed up? If these are not all being stored in digital form, why not? Are physical copies at least being kept in fireproof cabinets?

Custom Programming

What files have been created and are routinely used by staff or volunteers? What would it take to recreate them from scratch – the time or money? 
These examples are only the tip of the iceberg needing to be considered related to cybersecurity. Beyond simply identifying things at risk, churches should seriously consider steps to safeguard them. For more information contact California Southern Baptist Convention’s human resources and church compliance specialist by emailing hrcc@csbcc.com or calling 559.256.0858.