Most of you have probably been made aware of the recent scandal where a Pennsylvania school is charged with spying on their students via webcam.
Yikes.
Whether or not it’s true is still under investigation but it reminded me of a few conversations I’ve had with a few church leaders about “monitoring” the usage of their staff in regards to the internet and other such resources.
I know in my previous jobs in the marketplace (here, here, here, and here) they all monitored our usage and it wasn’t uncommon to hear about someone losing their job because they were a little “stupid” with their use.
I guess I’m just curious: Does your ministry monitor the staff’s internet usage?
Have you “heard” of anyone getting fired from their ministry job because of inappropriate usage?
Stuart says
We don’t monitor per se but the staff are restricted.
They also know that their browsing histroy can be looked into and questioned. At the moment each PC & Mac have filter software that monitors every link and restricts / allows according to policy (which is very liberal) but that history is password protected and could be at any time inspected by any two other members of staff – it’s a peer pressure thing I guess.
Do I know of any firings – no.
Sam says
We don’t currently, but our church IT team has recently started discussing the need for at least a policy and I think at a minimum EVERY church should implement at least a basic filtering service like OpenDNS. If others have a policy in place or would be interested in collaborating on best practices to share with others, let me know!
Stuart says
Sam – I’m game.
I have my church doing certain stuff but as yet they don’t have an official policy in place so happy to throw in my 2p worth. You can contact me via my blog … would have mailed you direct but your comment doesn’t link anywhere π
Aaron Melton says
Is there a good reason why any ministry isn’t using OpenDNS.com filter their traffic?
I’m wondering if anyone has lost their job because they inadvertently got Rick-Rolled into viewing pr0n because someone sent them a link via URL redirection (TinyURL, Bit.ly, etc).
Nick Shoemaker says
I think in this case a look at the history would reveal the misrepresented link. Software like Safe-eyes or Covenant Eyes can help with this by providing a log of all activity. If someone is getting canned over a genuine instance of this, they’re better off elsewhere- it would seem like larger things are brewing, and that an exit would be a good plan anyways.
Aaron Melton says
Safe-eyes and the like are not as effective in logging/blocking as we’d like to believe. I’ve talked with several parents who’s teens have easily bypassed/terminated these applications and went on about their business.
Of course, they can also get around OpenDNS — but it’s a lot tougher and I’d trust the log there more so than a log generated by client-side software.
Stuart says
I don’t think Nick’s suggestion was that covenant eyes (or whatever) was the important part there. More that the user history can be examined and be seen (or not) to be on the level.
As to bypassing / terminating these apps then that surely is very suspicious grounds and requires a more in-depth look?
Jeremy Davidson says
OpenDNS worked great for me at my former job. It really was easy to use and keep up with and the price is right.
kennysnow says
If you’re not using anything else at your church, you really should be using OpenDNS. It’s free, extremely easy to set up, and it will just be another layer of security if you are planning on doing something more intensive network wise later. It doesn’t help you monitor staff internet use, but it does filter it – which is all I’m worried about at the moment. You can whitelist/blacklist as well.
Nick Shoemaker says
When I was on staff all the church-owned computers were required to have some kind of accountability software on them. All had X3 Watch, and some had Content Barrier (those used by volunteers mostly).
As far as usage, it kind of took care of itself. If your work was slacking, but you hadn’t really spent a lot of time away from the screen, you were busted. This, of course, was a time management thing.
As far as anyone every losing their job. Not for interent per se. But our church did experience an issue with a single staff member sexting. The activity was illegal, and I’ll just leave it at that. Of course they were fired immediately.
On a similar note. There was a policy that kinda folded into the social media policy- that is, chat conversations with the opposite sex. The rule was keep it to about 5 sentences and then, as in the case of someone seeking prayer or counseling, refer them to the appropriate person. If this wasn’t possible, another staff member needed to literally look over the shoulder, and the staff member engaged in the chat was to inform the other person that “so-and-so is here with me too”.
Bottom line. I think ministries need to have policy in place. They need to hire people of integrity, so these type of issues are LESS LIKELY to arise. And, aside from basic filter/accountability software, they really need to respect their peers and not play big brother.
Jeremy Davidson says
In my last position as Media and Technology Director at a church we monitored internet usage and did take action against someone who was misusing computers. I knew where people went online on what computer and at what time. Having this information proved valuable on many instances and helped protect the integrity of several of the other employees that I worked with.
At my new job we are putting these same measures in place. I went from a high level of control over a network with 40 machines to almost no control in an environment with nearly 80 machines. We had a church staff, school, and early learning center that was totally open to the internet and no monitoring. With so many computers and children on campus everyday we wide open for issues.
Brian says
I just don’t know about actively monitoring staff or employee computers. It seems like spying. I’ve always found that having everyone sign a computer and internet agreement policy and then locking down everything that wasn’t email or internet browsing through the router was plenty. There’s no reason to spend any amount of money or time installing monitoring software. It makes people feel like you don’t trust them and they don’t really work anyway. If you just have to see what your staff has been doing on the web most routers keep a log of every site visited and with what computer and at what time.
Stuart Dyckhoff says
I’m a wee bit passionate about these things and I have to say that’s a very narrow view.
I was going to type up a huge response but instead I’ll do a blog post on it π I will say this though … what you have to step back and consider is that this should not about spying / monitoring per se but about appearing to be “cleaner than clean”.
Check my blog in a day or so and I’m sure there will be a bigger response!
John Saddington says
stuart, also… think about contributing here! love to hear your voice.
Stuart Dyckhoff says
Cool … though my posts tend to be waaaaaaaay longer than you guys use π
John Saddington says
i’m not so sure. we have a smattering of lengths… although this blog is very new and we do have a strategy around it’s growth… we’ve got some big blog posts on churchcrunch, etc.
we could use some variety!
Brian says
I read your blog and you’re totally right. I would however suggest you read my post again. My point was to provide your computer users with limited or filtered access of the internet instead of monitoring their use of it.
Stuart Dyckhoff says
Brian – thanks for the clarification and I have read your comment several times over … and several times again just now.
The main point that comes across to me (and I stress the “to me”) is the one of it being seen as spying. My post was not set out to offend and I trust that hasn’t happened but it was intended to outline my views. Thanks for your response.
Brian says
I agree that whether it’s in your home, church, or workplace it’s usually not a good idea to have totally open access to the internet. At work I use a combination of port blocking and forwarding plus a block list for certain sites all done using the router. About twice a month I check the router’s log to see if there’s a site that might be a problem. I do not like or use any “active” monitoring software. It is in fact “spying” in every since of the word. You can say that a church has every right to monitor its staff to make sure they’re not doing anything that could hurt the church, but to what end? Are you going to monitor their emails? What about their phone calls? How about who they associate with both at the church and outside? Maybe some cameras? Spying is like lying; it’s never little, light, or harmless.
Stuart Dyckhoff says
But checking the logs is not spying?
As an employer they have the right (in the UK certainly) to monitor so long as it is clearly stated that this is the situatuon. That isn’t spying, that’s called good stewardship of your resources.
As I say – spying is a very emotive term. I won’t address your other points here as they are just extending the debate outside of the current discussion and will only dilute what is being said. But do feel free to stop by and comment on my blog if you wish.
Brian says
When I look at the router logs it gives me what sites were visited and at what time along with the MAC address of the computer. I don’t know the MAC address for each computer by heart so I don’t really know who was looking at what just that someone did. If it was something serious I could look it up. The previous head of IT here had some pretty serious monitoring software installed and he got real time feeds of internet activity like who went where and for how long. He also used our remote access program, VNC, to watch what people were doing on their computer including reading their emails and instant messaging conversations. The funny thing is that he had all these monitoring measures in place but did nothing to filter or block certain aspects of the internet. The first thing I did when I took over was to delete the monitoring software and then block things like IM-ing.
Stuart Dyckhoff says
OK understood – you and I, I think, are coming from the same playbook. It’s just a usage of emotive words that gets to me π
I totally disagree with real time monitoring and using VNC or its ilk to piggyback on to someone’s session. Unless they are suspected of some wrong doing and have been pre-informed (agin in the UK) then that action is against the alw and totally reprehensible.
kennysnow says
I’m not going to chime in on the philosophy of filtering/monitoring here, but I’ve had to deal with the topic quite a bit as an I.T. director for a church and private school. Legally I MUST filter any internet access given to students, and doing that cheaply and effectively has proven a bit of a challenge. I like free tools a lot π
Here are some options to help you if you ever need to filter your internet access, either at home or as an I.T. manager. I usually go for network-wide tools, the desktop based software options are really easily avoided or disabled.
http://www.opendns.org – as I stated in a comment response, I really don’t see any reason not to use this service for any organization. Provides a nice overall filter, blocks by category. If nothing else, block porn – seriously. Nothing more embarrassing for a church employee than to be accidentally exposed to something they didn’t mean to go to…and embarrassed is the best case scenario. Very little networking experience needed, other than understanding of how to set your router’s DNS servers.
http://www.untangle.com – if you want more control over your filtering, and want an in-house solution. Basic package is free, and pretty easy to setup if you have medium level networking experience (and if you don’t, this might be a good way to learn π ) I use this one to provide “extra” filtering for my computer labs. All you need is an older computer (make sure it has a good bit of RAM though) with 2 network cards in it (it basically acts as a router/gateway).
If you REALLY want control, and you’re pretty experienced with linux, I used to use IPCop to do what untangle does for me now. Open source, but not for the faint of heart. The basic install isn’t too difficult, but once you get past that…know what you’re doing.
http://sourceforge.net/apps/trac/ipcop/wiki
Hope that helps someone!
John VanArtsdalen says
My senior pastor went through emails that were sent from a church member (from their home PC) and addressed to a staff member (at their church email address) who was recently “dismissed”. The emails were thought to be private and discussed the senior pastor’s questionable actions. That member was called in to the senior pastor’s office to discuss that content of the emails. They strongly disagree with each other on the pastor’s right to do so. This is just the tip of a big, ugly iceberg and (my opinion) a symptom of much bigger problems. Please pray for all concerned.