Skip to comments.Greg Griffith on church computer/website issues after Connecticut ["Battle Stations"]
Posted on 07/16/2005 7:42:19 AM PDT by sionnsar
In view of the actions of Bishop Smith and his crew regarding the website and computer files of one of the "Connecticut Six" churches, Battle Stations by Greg Griffith of the Southern Anglican blog could be a most important read if you work with the website for a ECUSA church.
One thing that I never would have thought about recommending someone consider is this: in light of the actions of Bishop Smith, if you are a volunteer webmaster who has developed or is developing your church's website, you may want to consider keeping the domain registration under your own name rather than that of the church. I think that could help keep a site that you have developed out of the hands of revisionist bishops--if you own the site and not the church. If anyone has a more informed perspective on this, I would really be interested to know.
Another website I have found that is REALLY helpful for church website volunteers is Heal Your Church Website; the author, Dean Peters, is most knowledgeable and helpful. If you work on your church's website, give this site a visit--you'll be glad you did.
The recent actions by Bishop Andrew Smith of the Diocese of Connecticut in which he and his goons seized the computer records of The Rev. Mark Hansen's parish in Bristol should be a wake-up call to all orthodox clerics under revisionist bishops.
In this post I'll outline the basics of securing your parish's computer files and protecting them from seizure by thugs like Smith. I'm not making any recommendations or declarations on matters of who owns what, or what is and isn't appropriate to do in your particular situation - I'm simply providing information on how you may keep what happened to Mark Hansen from happening to you. You'll have to decide whether you want to put this information into practice. However, if you do, you can rest assured that if you find yourself on the business end of a Smith-type invasion, you can tell them to go ahead and take any files they want, safe in the knowledge that they'll get nothing of value.
In my 15 years as a software developer I have had to spend time on many, many people's computers. Two things have always struck me: 1) 90% of computer users are very poorly organized, and 2) even more seem completely unaware - or perhaps just unconcerned - about security.
Most references to computer security these days are to unauthorized access by remote users; in other words, "hackers" whom you don't know, using your Internet connection to gain access to your computer from a distant location. Fairly little coverage is given to thwarting the kind of invasion of the Andrew Smith variety, where a hostile computer geek sits down at your computer and roots around, retrieving and copying sensitive files for the perusal and use by others.
The first step in making your files inaccessible to unauthorized parties is getting organized. This often means starting over in the way you organize your files. You may already be well-organized. If so, you can read this section and ignore or follow its advice at your discretion.
The following examples are for Windows users, but Mac users can follow along and get the general idea, replicating it on their systems.
First, become familiar with My Computer; or better yet, with Windows Explorer.
My Computer can be opened by click the Start button. Windows Explorer can be found by clicking Start... All Programs... Accessories. Windows Explorer is usually near the bottom of the Accessories list.
Both utilities are computer exploration tools. Windows Explorer is a graphical representation of your computer's folder and file organization. Notice how it resembles an outline, with folders "nested" inside other folders, and files inside these folders. My Computer allows you to traverse this outline of folders and subfolders, but without the "outline" view. I prefer Windows Explorer, but others prefer My Computer. Experiment with both and choose the one that suits you best.
You need to know how to create and name folders. This is done by navigating to the location where you want the new folder, right-clicking your mouse, and choosing "New." A window will pop out to the side. On this window, choose "Folder." A new folder will appear, named "New Folder." Its name will be selected. You can change the name of this folder to whatever you'd like by typing it in and pressing "Enter."
If this doesn't work, click on the name of the folder. It should turn blue (or another color, if you've changed your Windows color scheme). Click it again, and it should be "editable," with a black box around the name.
Now that you can create folders, you should choose a location on your computer to store all of your sensitive documents. You can place this folder anywhere, but it should be placed somewhere that's easy for you to find.
If you have a lot of files - hundreds - you may want to create a suitably robust "folder structure" in which to store them. Inside your main folder, you may want to create other folders to further segregate your files from everything else on your computer. For example, if you decide to place all your files in a folder called "ChurchFiles", then inside that folder you may create a folder called "Treasurer Reports." Inside that folder, you may create several folders for each year: "2003", "2004", "2005", etc. Inside each of those folders, you may have one folder for each month of the year. Finally, inside of each of those folders, you may place the file(s) that comprise your treasurer's report for that month. You can follow this same basic scheme for all categories of documents you want to keep organized. You may not want or need that level of organization, but you can create it if you do. More on folder structure in the next section.
Storing Your Files
There are a number of ways to protect files on your computer, all of them equally lousy. Windows 2000 and Windows XP offer ways to do it directly from My Computer or Windows Explorer, but anyone with a Windows 2000 or Windows XP installation CD can start your computer using the disc, and have complete access to your entire system. The popular compression utility WinZip includes password protection, but any competent computer technician can break the password protection using a number of methods documented on the web. There are many third-party file protection programs on the market, but they vary in their levels of security and their ease of use. Plus, they all cost money.
What I can provide for you right now is a way to secure your files using none of these methods. I will continue to investigate other ways to keep your files secure that use a more traditional approach of password protection, but for now, there is one rock-solid way to do this. First I'll explain the concept, then give you specific directions on how to do it.
The concept is called "online storage," and it simply means that you'll be storing your files somewhere other than a computer on your premises. That "somewhere" is a server owned by a company that offers such services.
There are free services and pay services. Free services usually offer relatively little space; pay services usually offer as much as you need, in tiered payment plans.
To determine if a free service will suffice, or if you'll need the added spaces of a pay service, you first need to determine the size of all of the files you want to secure. This is the purpose of the previous section about organization. If all of your files are in one folder - either loose or in subfolders - you're way ahead of the game. If they're not, you'll need to get them that way by reviewing the previous section, creating your folder(s), and moving all your files there.
Either way, once you have all your files in one place, go to that folder in My Computer or Windows Explorer. Right-click the folder and choose "Properties." You will see a number beside the word "Size." That is the size of all the files inside that folder, and inside all of its subfolders.
If the size ends in "GB," that means you have at least one gigabyte of files, and you'll need a pay service. If it ends it "MB," that means you have less than one gigabyte of files. If you have fewer than 30Mb of files, you can use Yahoo's free service. If you have more than 30 megabytes, you'll need to go with a pay service.
The Yahoo! Briefcase is a great, simple storage service that costs nothing. All you do is go to http://briefcase.yahoo.com/bc//home and sign up. Uploading and downloading documents is then a straightforward process. Help is available here.
There are a number of pay services on the web which offer similar features, but with vastly more storage capacity. I recommend Files Anywhere, but you may want to check out Streamload or X-Drive. For anywhere from about $50 to about $100 a year, you will be able to get all the storage you will probably need, and monthly payment plans are available in the sub-$10 range. Obviously, you'll want to pay for this service with funds other than those under the church's or the diocese's direct control.
All of the online storage services will require you to create an account with a password. This password is all that stands between your files and a hostile user. The University of Chicago has an excellent guide to choosing a secure password. Please read this document carefully. Also, remember that a password is only as secure as the people who know it, so be careful about whom you give the password to, if you have to give it out at all.
A Small Change
Now that you're organized and have an online storage account, it's time to put the plan into action. I spent a good deal of time talking about folder structure and organization on your computer in an attempt to illustrate a good way of organizing your files. Now I'll explain why it's important to organize.
You're going to make a slight change to the way you do things. It will take a little more time whenever you want to view, print, or change a file, but short of some more expensive and more complicated approaches, this is a bulletproof way to protect your sensitive data.
First, you need to re-create your computer's folder structure on your online storage account. Some services may not permitted "nested" folders, in which one folder contains another, and so on. Some allow folders to be nested only a certain number of layers deep, which may be fewer than you have on your computer. So you need to get know your online storage service's capabilities. Once you do, you can re-create your computer's folder structure at the online service, or you can modify your computer's folder structure to fit the limitations of the online service.
Once you have the same folder structure at your online service as you have on your computer, you're ready to start uploading your files from your computer to the online service. Follow the directions at your online service to accomplish this, and be very meticulous in confirming that ALL files have been uploaded.
The next step is critical, and it's guaranteed to give you pause, but it's one you must take in order for all this to work. Once you have confirmed that all your files have been uploaded to the online service, confirm it again.. Then, delete the files on your computer. Yes, I said delete them. Make sure, though, that you delete the files individually, NOT the folders where they reside. You want to end up with a folder structure on your computer in which all the folders are empty.
Once this is done, whenever you want to work on a file, you will download it from your online storage service to your computer, making sure to download the file from the online service's folder into the corresponding folder on your computer. This will help keep things straight if you need to have many documents downloaded at once. You can then open the file, view it, print it, modify it, and save it. When you're though, you'll upload the file from your computer to your online service, and delete it from your computer once it's finished uploading.
Go to the login page of your online service and create a bookmark in your web browser. This will make it as convenient as possible whenever you need to log in and download a file. NOTE: Do NOT instruct your web browser to remember the password for this site, or you will have defeated the entire purpose. If you are asked whether you want the browser to remember the password for your online storage site, click "Never for this site" or "Don't ask me again" if available. Otherwise, always click "No."
If you have any questions about any of these procedures, please leave them in the comments section. Remember that you may leave your comment anonymously. or you may click here to email me.
Hitting delete is ineffective in making the data disappear from your computer. If you really want it to go away NOW, you would need to invest in some software that does more than simply making the space available for future use. I know of at least one guy who went to prison because of data recovered from 'deleted' files.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.