[This is part 9 of a 10 part series titled: “So You’re An IT Noob“]
Security, at least in my experience, is still one of the most overlooked aspects of IT infrastructure. Normally, the people I have come across usually think,
“Why would anybody hack our organization?”
The thought process being that if they’re a Church or a business that largely performs services, then they’re not a risk.
Getting hacked is only part of the problem. Malware including viruses, spyware, adware and other issues are also a big problem. If you worked in IT from 2002-2006, I am sure you had to fight off some nasty viruses that would literally shut down a company for days while the IT guys sought to clean it off the system.
While such viruses are not as common these days, malware has certainly become more sophisticated. It is not unusual to find somebody with a computer that is its own bot-net, sending out Viagra spam to the masses and the person in question has no clue. That is until their ISP blocks their outbound content.
Question: Should your church start up have a firewall?
I don’t use a firewall for my home network. I am savvy enough to have in place, processes with the equipment I already own to deal with the majority of threats I might see, but an organization is a different story even if it is small.
Firewall’s used to be challenging to set up. Whether it was a hardware device or software application, some knowledge was needed in setting up a configuration. You’re an IT noob, so chances are you have no idea what this means:
access-list inbound permit icmp any any
access-list inbound permit tcp any any eq www
access-group inbound in interface outside
static (inside,outside) tcp interface www 192.168.1.100 www netmask 255.255.255.255
The good news is, this has become much easier for noobs to implement. Hardware devices (you may see them referred to as appliances) are so much less expensive than they were just five years ago and are pretty painless to get set up.
There are plenty of good devices out there (it is a well saturated market). I can recommend the following brands:
In addition, for the noob, I can think of no better product than Barracuda‘s devices. I’ve used their devices at various levels and for different applications and they are solid. In addition, Barracuda has excellent customer service.
Better yet, Barracuda has been an organization that has evolved with the tech world, specifically in the realm of cloud computing. While their devices work well, what if your Church has signed on with Google Apps for email?
Barracuda has that covered as well with a virtual service. If you have 10 or less users in your organization, it’s free!
If are using an Exchange or Domino (Please, for all that is wonderful in God’s world, I hope you do not use Lotus Notes) server, the device will serve you well. They’ll even let you evaluate a unit for 30 days at no cost. Pretty neat.
Productivity is important, and so is keeping people accountable. Don’t look at web filtering as a means of “not trusting” those in your organization. Think of it as I said, an accountability tool. Christians are often under the delusion that people who work in Churches aren’t going to visit pornographic websites or gambling websites.
Christians often forget that Christians struggle with these issues like anybody else.
Christians too, can be unproductive at work, even if they work at a Church.
So there is nothing wrong with filtering web traffic. At my previous place of employment, we were able to monitor traffic going out of our network and found it being clogged with visits to YouTube, Pandora and ready for it? Netflix! 2-3 people were streaming Netflix movies at their workstations.
Barracuda again makes an excellent web filtering device that can handle all of the necessary tasks and will also prevent users from going to websites with malware.
Do the research here. You don’t want to spend more than you need up front, but don’t ignore potential threats in an effort to save money. I have found that too many organizations play the odds and some of them do get by without issue, but those who get hit, spend far more in time and resources than they would have if they took preventative measures up front.
Now, for the final part of our series!