top of page

Ask The Expert: Cyber Security

Updated: Oct 22

Churches are a safe place for your congregation – spiritually and physically. But there are dangers. Your church’s cyber space is one place bad people want to invade.

It only takes one, often unintentional, click to expose your church to ransomware and other threats to your cyberspace. To protect your church, make sure all people who use the church’s desktops, tablets, and mobile devices follow a few simple procedures. Here are some basic steps you can take to help protect your church from cybercrimes.

  • Realize phishing is the number one attack vector for the distribution of malware. You will get an email, a text message or even a Facebook message asking you to click on a link or open an attachment.

  • You can get infected if you go to a questionable website or a website that has been infected with malicious code (This is called drive-by malware).

  • Make sure your computer/smartphone/device is updated to the latest operating system and all applications are patched. Do not ignore your device when it says it needs to be updated.

  • Reduce your attack surface on your device. Only allow trusted applications to run on your device. Beware of all the free software products that you never use. (This is called application whitelisting).

  • Reduce admin rights for users. Admin rights allow users to install programs and malicious code. If your device asks you to enter your password to install or make changes to a program, you need to be careful.

  • Take an inventory of who you are allowing onto your network and what they can access. Does the employee from three years ago still have Admin rights to your network? You do not want every employee to access everything on your network.

  • Use two factor authentication on all remote access to your network, especially remote desktop protocol (RDP).

  • Backing up is not enough ... make sure you test your backups and have a good restoration plan. Remember, if your network is infected with ransomware there is a good chance the Cybercriminals have also stolen your data.

  • Educate yourself and your staff about the dangers of Ransomware and Cybercrime.

  • Contact your local FBI Office if you are a victim or go to WWW.IC3.GOV

In addition, here is an excellent resource from the Department of Homeland Security’s Cybersecurity, and Infrastructure Security Agency (CISA). When’s the best time to educate your church members on cyber security? Now. Whether you’ve never done this or did it two months ago, the ever changing landscape of cybercrimes means we all must remain constantly vigilant to protect our people, our property, and our finances.

For more information on complete insurance coverage for your church or for answers on other insurance-related questions you may have, call us at 484-654-3380. Look for a free no-obligation quote? We’ve got you covered. Fill out our handy form and we’ll be in touch!


This content has been prepared by United Methodist Insurance Company (UMI) for informational purposes only. No article or document may accurately contemplate all possible scenarios or church resources. As such, this information is meant to foster discussion by the individual church and its members to develop a plan tailored to its own circumstances. UMI is providing this information with no warranties or guarantees of any kind and it should not be viewed as legal, financial, or other professional advice. All liability is expressly disclaimed. Any claim examples described herein are general in nature, may or may not be based on actual claims, and are for informational purposes only. Any coverage available for a claim is determined from the facts and circumstances of the claim as well as the terms and conditions of any applicable policy, including any exclusions or deductibles. In the event of a conflict with the content herein, the terms and conditions of any issued policy will control. Individual coverage may vary and may not be available in all states. The commercial insurance coverages for United Methodist Insurance are sold and serviced directly or indirectly by Sovereign Insurance Agency (CA Lic. No. 0B01380) ("Sovereign") and underwritten by various available insurance markets. Sovereign pays United Methodist Insurance a royalty for the use of its intellectual property.

bottom of page