Tuesday, September 13, 2016

Happy 1st Birthday, Windows 10!

My latest article is now live at ministrytech.com.

It’s hard to believe that we’ve been in the Windows 10 era for a year now. It seems like just yesterday we were anxiously awaiting the final release, after two years of testing and development. (Of course, technology years are like dog years with things moving so fast.)

Microsoft’s goal for Windows 10 was to have 1 billion devices running this version within the first three years. They have admitted recently that after this first year they probably aren’t going to hit that goal, mostly due to the failing Windows 10 phone market. If you don’t know what this means, ask how many of your friends have a Windows phone and you’ll soon understand.

Even after a year, though, the question remains as to whether or not you should upgrade. Microsoft allowed users to upgrade for free through the first year. Since the free upgrade has expired, is there any real rush to upgrade, especially now that you have to pay for the upgrade and the fact that Windows 7 is supported through 2020?

If you did not take advantage of the free upgrade, then you probably aren’t going to pay to upgrade your existing device. You might wait and get Windows 10 when you purchase a new device. There will undoubtedly be a plethora of new Windows 10-based devices available as we inch closer to the holiday shopping season.

The release of Windows 10 Anniversary Edition is momentous for several reasons. First, Microsoft kept its promise in terms of the new Windows paradigm shift. No longer is Windows a product that you upgrade once every few years to a new version. Now Windows is in a perpetual state of evolution, constantly changing with feature updates and changes included with security patches. Many doubted whether Microsoft could upgrade Windows several times per year, and so far they have proven they can.

The Anniversary Edition release also shows us that once a device is running Windows we won’t have to upgrade the operating system every few years. Every organization dedicates significant IT resources to operating system upgrades. Once your device is running Windows 10 it will upgrade itself—there won’t be the need for organizations to dedicate time and money to imaging machines when the next version of Windows comes out. As an IT person who has done countless Windows migrations and upgrades, this is what I’m most excited about.

Windows 10 Anniversary Edition also contains a ton of features additions and security improvements. Here are just a few of the highlights …
  • One of the coolest features of Windows 10 running on a Surface is the Windows Hello authentication process. This allows you to unlock your PC just by looking at your device. The Windows Hello camera logs you in based on your face. I love this feature, and in the Anniversary Edition you can now use Windows Hello to login to websites and apps. Instead of remembering your password you just have to remember to keep your head on your shoulders. This may be problematic for those who say they would forget their head if it wasn’t attached.

  • There have also been a ton of other under-the-hood security improvements, including an updated Windows Defender and an enterprise version called Windows Defender Advanced Threat Protection. It remains to be seen if these built-in security features will have any impact on the third-party security/malware/anti-virus markets.

  • For touch screen users Windows Ink has also been built into the update. Windows Ink allows you to write on your screen and convert handwriting to text. It also provides for greater interaction using a pen or stylus with Microsoft Office and other apps that have the Ink functionality built into them.

  • The new browser in Windows 10, Microsoft Edge, is also starting to gain some maturity. Edge was released with Windows 10 but it too is undergoing an evolutionary process. With the Anniversary Edition, Microsoft Edge now supports extensions and many more web standards, including HTML5. It has also had significant under-the-hood improvements. Translation— you can start using Edge on many of the sites that didn’t work on it before. Only time will tell whether or not this will convince you to switch to Edge as your browser of choice.

  • My favorite improvement is the ability to pin apps to virtual desktops. Windows 10 first brought virtual desktops to Windows users (better late than never). Virtual desktops allow you to have different applications running on different desktops so you don’t have to open everything in a single place. One desktop could be running Word, Excel, and Outlook, while another desktop could be running all of your open browser windows. You could then have all of your games running on a third desktop, then when the boss walks by . . .

  • With Windows 10 Anniversary Edition you can now send a single app to all your desktops, so if you want to be able to view your email across all your virtual desktops you can now open it once and have it appear on all desktops as opposed to having to open your email individually on every desktop.

  • Other improvements include more functionality for Cortana, better gaming integration with Xbox, additional desktop themes, more control over the action center and notifications, and better management tools for education and classroom environments. 
Windows 10 is here to stay. While there may be a learning curve for some users, it is hopefully a learning curve you will only have to experience once.

Thursday, August 11, 2016

Should Churches and Ministries Embrace the Cloud?

My latest article is now live at ministrytech.com.

To embrace the cloud, or not to embrace the cloud, that is the question. Pardon the Shakespearean paraphrase, but there are a lot of questions swirling around churches and ministries as they consider using cloud services for everything from email and file services to Active Directory. There is also a disconnect between what the IT team says is best for the ministry and what church leadership thinks in terms of utilizing cloud-based services.

Cloud-based services offer many benefits over hosting your own services, but you’ll want to make sure you are using a reputable vender. It is important to look at the SLA, or Service Level Agreement, to ensure that your provider will keep their services running so your ministry effectiveness isn’t impacted. When you host your own email and/or file servers you have much more control over downtime because you probably have physical access to the server and the people running those servers. When you host in the cloud you may not have direct access to the servers so you are dependent on your provider to resolve any issues that create downtime.

Using a reputable host like Microsoft or Google will ensure reliability, but there are other companies that provide cloud based services for just about everything, and you want to make sure a provider’s reliability won’t negatively impact your ministry.

One of the biggest benefits of using cloud-based services is that they take a huge support load off the IT team. No longer are they responsible for maintaining and patching servers. If the servers are on your site then you may also have cooling, power or data issues to consider as well. What happens when the cooling units fail? Do you have sufficient battery backup or a generator for power outages? What happens when your Internet connectivity goes down? Moving to the cloud avoids all these issues as cloud-based services are hosted in large, commercial data centers where power, air conditioning, and data reliability are taken care of for you.

Cloud services can also play a huge role in your disaster recovery and backup strategies. Remember that disaster recovery and backups are not the same thing. Backups are for recovering data, while disaster recovery refers to how much time is necessary to get your services (like email, files, ChMS, etc.) back into operation after a disaster. By placing these services in the cloud you can enhance these strategies. If a natural disaster wipes out your on-site datacenter what would you do? In the church world think of what happens if a significant tornado or hurricane or earthquake (hopefully not all three at once!) hits your area on a Saturday night. Do you have a way to notify your congregation about your plans for Sunday morning? How fast can you get your email and ChMS back up and running?

By placing services like your email and ChMS in the cloud, the responsibility of keeping things running falls to your provider. A cloud-based provider will more than likely have your data spread out across servers and datacenters in multiple geographic locations. The same is true for your backups: they are no longer located on your site and you no longer have to relocate backup tapes to ensure your backups are spread out geographically. Most cloud vendors can also provide more backup space then many churches or ministries would be able to afford on their own. This means when the natural disaster hits your area, your services continue to operate. How many churches or ministries are able to provide geographic and hardware redundancy on their own? And if they are able, is it good stewardship of those funds?

By now you may be thinking to yourself that the cloud sounds too good to be true. “You mean I can place my data, my email, my files, my ChMS, my whatever in the cloud and not have to worry about natural disasters, power outages, cooling equipment failures and maintenance, internet outages, security patches, backups and disaster recovery all while saving the IT team a lot of time, effort, and money? Sign me up!” Hold on, not so fast.

Whether to move your ministry to the cloud may not be so obvious. While there are obvious benefits, there are also a few challenges. Many in the IT profession believe it is their job to protect the data and ensure it is kept safe. This is why I do not believe this is an IT decision, but rather a church leadership decision. The IT team should make recommendations based on their knowledge and experience, but the data belongs to the church, and the church leadership should decide how to keep that data safe, including how and where it is stored. For some that may mean moving to the cloud, for others, they may feel more comfortable keeping their data on-site and managing it locally.

There is also the challenge of the IT team. IT folks don’t like to give up control, and moving data and services to the cloud means they will be giving up some control. I strongly believe the benefits to embracing the cloud far outweigh any negatives, including any control IT might lose. For some IT professionals, especially those who have come out of the corporate world, this can be particularly difficult, but it’s one of the many ways ministry IT varies from corporate IT.

As an IT staff member in a ministry I view my primary objective to be constantly working myself out of a job. My goal is to equip and empower those I support for greater ministry effectiveness. I have no desire to attempt self-preservation by keeping data or services tightly locked up in my control to ensure the long-term security of my job. That level of selfishness only benefits the IT person, not the ministry. Most ministries run lean, so there is always plenty for the IT team to do. The more I empower others and work myself out of some jobs, the more I can focus my time on other areas that may require a specific technology skillset.

Every ministry has to decide where to spend their money. I would much rather use technology— including embracing the cloud—to save money so they can hire additional ministry staff as opposed to hiring additional technology staff to manage technology that could be moved to the cloud. Again, these are leadership decisions, but this is often where the IT team and church leadership may not see eye-to-eye.

So, should your church or ministry embrace the cloud? I think so—provided the IT team and church leadership have worked together to understand the issues and implement the cloud in a way that empowers the ministry for greater effectiveness.

Wednesday, July 6, 2016

How Tech & Accounting Can Live Happily Ever After

My latest article is now live at ministrytech.com.

Preparing an Information Technology (I.T.) budget can often be a dreaded task. Tech people seem to always want to spend more money and accounting people want to make sure funds are spent wisely. Both parties are striving to be good stewards of God’s resources, but there’s a critical disconnect between the dollar signs associated with a request and an understanding why the technology is needed.

When the accounting department sees a request or PO for toilet paper they don’t often ask many questions. Everyone knows what toilet paper is for and why it is needed. However, when Accounting sees a PO for a virtual server host they tend to ask a lot of questions. (Granted, one virtual server host costs as much as a year’s worth of toilet paper for most ministries.) This challenge is further compounded when normal ministry politics are involved.

Budgeting for IT, Audio Visual, or any other aspect of technology in ministry doesn’t have to be a bottleneck. Both technology and accounting folks need to work at making sure technology purchases like virtual server hosts are as easy to accomplish as purchasing toilet paper. But it takes teamwork. Technology is complicated. So is accounting.

Accountants learn as much about technology in school as tech folks learn about accounting. Tech folks often think accounting is just math and the accounting folks might think that technology is just browsing the Internet. It’s vital that the communication lines remain open. Technology folks should have nothing to hide. Here are a few guidelines to smooth the process of IT budgeting:

Spell It Out: 
While it’s easy for us to spout acronyms, we shouldn’t. Our requests for funding or explanations of how we are going to accomplish a project should be easy to understand. It is far better to invest the time to communicate than to attempt to snow someone in an effort to save time. Investing the time in communicating builds trust.

Trust One Another: 
Trust is vital to all aspects of ministry. Without trust, giving decreases; without giving there won’t be any money to buy toilet paper or virtual hosts. Trust is sometimes compromised unintentionally as good people try to work towards a common goal. To maintain trust you must not try to hide anything. No question should be ignored and no request for additional data should be put off—whether reasonable or not. Building trust leads to cooperation.

Play Nice Together: 
Cooperation is the sweet spot when the accounting team and the technology team are working together at maximum efficiency. As projects and requests come up both teams are able to quickly process information and produce results without unnecessary drama and without any additional drain on resources. And maybe, just maybe, through this cooperation the tech folks will learn a little about accounting and the accounting folks will learn what a virtual server host is (and why it’s needed). Accounting is able to be accountable while Tech is able to be productive.

Productivity is the ultimate goal—being productive to maximize effectiveness for the Kingdom. The technology team is a trusted resource that communicates effectively and the accounting team is valued for ensuring proper tracking of all funds and stewardship.

These foundations are critical to managing technology projects and budgeting. Technology expenditures should be planned, and not surprises. Equipment wears out: planning hardware replacement cycles is the duty of every technology manager. When you buy a server you know it won’t last forever, just like toilet paper. These plans can be done numerous ways and it’s important for the technology team to work with the accounting team and church leadership to determine the best way to save for and handle these ongoing expenses.

Special Needs: 
There is also the matter of special projects and new construction. It is easy to let the tech costs reach towards the heavens on new construction, but tech budget requests should be prepared and presented knowing that if there isn’t enough money to build the building then there won’t be any need for the technology. Trust can be built when the tech folks show they understand the fiscal realities of a project and don’t attempt to sneak in things just because it is a new building and a much larger overall budget.

The technology staff should also be looking ahead. At any moment the tech team should be able to enumerate their top three projects, whether those projects are for software, infrastructure, hardware, or employees doesn’t matter. They should also communicate as items age and need to be replaced. Not that every request will get approved, but at least if something important does fail you have communicated in advance—and not in crisis mode.

This is also why a member of the tech team should have a seat at the leadership table. Not because technology is the driving force but so that when ideas and projects and budgets are discussed the tech team is available to provide input and answer questions. Technology should be positioned as a valued resource that improves effectiveness, not a necessary evil. Too many times the people behind the technology cause the technology to be improperly positioned.

There is a great deal of comfort and security that comes when the technology and accounting teams work together as part of the King’s community. Surprises are limited. There is security in knowing what you can and can’t afford. Ministry impact increases. Besides, who wants to be part of a community without toilet paper?

Thursday, June 23, 2016

Keeping Your Family Safe this Summer

My latest article is now live at ministrytech.com.

Who doesn’t love summer time?  The sunshine and warmer temperatures, the family vacations, the lack of school homework, and of course, an evening on the porch sipping a refreshing iced beverage.  You’d think we would find ourselves outdoors more enjoying creation.  Often times though the opposite is true and we end up spending more time looking at our screens during the summer than we do the rest of the year.

Summer time can also be a cruel welcome to reality.  As kids we look forward to summer time because school is out and we get to play.  As adults we realize that summer time is no different from any other time of the year – we still have to work and life goes on as normal.  That makes it easy to use screens to keep our kids entertained during those long summer days.

Fortunately, the good folks at Microsoft have built some pretty cool tools into the Windows operating system to make it easy for families to manage their screen time.  While other software vendors also have family safety built into their products, Microsoft does it in a unique way that allows for native, remote control over your family’s computers without having to install or manage any additional software.

Windows Family Safety is a fantastic tool built right into all versions of Windows.  Windows 10 has the most features available but Family Safety is still available all the way back to Windows 7.  Using Windows Family Safety, you can set filters and block lists, control access time windows and set curfews, track device location, and even get a detailed report emailed to you about all activity taking place with the computer.

Not only is Windows Family Safety a powerful tool, it is also easy to use and Microsoft has done a great job providing helpful documentation.  All it takes is a few clicks and you will soon be monitoring all of the Windows devices in your family.

One feature that sets Windows Family Safety apart from other filtering or block services that are built into some operating systems is that you can remote control the settings.  Once setup on the computer, the parent can change settings remotely without having to touch the kid’s device.  This allows mom and dad to control the device from anywhere.  It also allows the child to request additional privileges and mom and dad to approve the request via email.

The content rating and restriction tools are most effective.  If you already have content filtering setup on your home network, Windows Family Safety works right along with it.  Then when the child takes their device to a friend’s house or other location where the internet might not be filtered Windows Family Safety keeps doing its thing so you know wherever the device is the content is filtered and your time limits and curfews will still be enforced.

You can also set it up to send you a weekly activity report of each child’s activity.  The report shows you which devices the child used, what they searched for on the internet, how long they used each app, the total amount of time they spent on the device, and any content that they attempted to access and was blocked.  This is a tremendous accountability tool – especially when you see what they are searching for online.

If the device is lost or stolen, you can also use Windows Family Safety to track the last known location of the device and disable it to protect your child’s personal information.

The goal here is not to be oppressive but to use this tool to help teach them to live a godly life, both online and offline.  As the child grows and matures you can use Windows Family Safety to provide additional online privileges – Windows Family Safety works from the youngest of kids to the oldest of adults.  It can even be used for adult accountability.

All you need to get started is a Microsoft account, which you probably already have if you are a Windows user.  Teaching responsibility with technology and providing accountability is made easier with Windows Family Safety.  Visit https://account.microsoft.com/family/about to learn more and get started and see if Windows Family Safety can help your family.

Thursday, May 12, 2016

Protecting the Soft Underbelly of the Church

My latest article is now live at ministrytech.com.

Last month we talked about the cyber challenges churches face.  This month we will look at some simple ways the church can protect itself from those bad actors using wise policies and procedures.  This assumes you have a firewall and a proper network design.  How do we provide maximum Kingdom impact while also being good stewards of the data God has entrusted to us?

First, let’s look at your Church Management System or ChMS.  Do you rely solely on the ChMS vendor to keep your data secure?  Do you test the security of your ChMS or do you just take the vendors word for it?

Do you have security audits with your financial audits?  I assume you have financial audits.  Even then the security questions in a financial audit can be useless.  A church IT friend of mine answered the security audit question, “How do you keep your data secure?” with, “12 flying monkeys.”  He never heard back from the auditor regarding that answer.  He should have.  Use a security company for a dedicated security audit or ask your ChMS vendor for a copy of the security audit they have done on their product.

Remember the Anthem hack of early 2015?  The hackers were after data that is similar in nature to the data we store in our ChMS software: names, addresses, phone numbers, and SSNs.

Second, what is your password policy like?  Is it written down?  How do you enforce it?  Does it make sense?  Research has shown that longer, more complicated passphrases are more secure than shorter, complicated passwords that users have to change frequently.  Forcing users to change their passwords, whether to their computer, ChMS, or any other system on a regular basis leads to the passwords being written down on the bottom side of the keyboard – where some of those bad actors know to look.

I suggest using long passphrases.  15 characters or more, with a capital, lowercase, number, and special character all required.  Using a phrase from your favorite song or Bible verse works.  “InthebeginningGod1!” as an example – but don’t use anything obvious or inscribed on a plaque hanging on your wall.  A passphrase like this will never need to be changed unless it is compromised.

Your password policy should also include the ability to enforce preventing users from sharing their passwords, even with volunteers.  It is far better to invest the time and issue a volunteer a login then to share staff access.  The same is true for your ChMS.  Does your password policy also apply to other sites and services that require your users to login?

If you find that a user has shared or compromised their password I suggest setting it to something like, “Isharedmypasswordsonowittakesme5minutestoentermypassword?!” and forcing them to use that for a week.

Third, do you have any data access policies?  Who gets access to your data?  What level of access?  Does everyone see everything or do users only see what they need to see?  What criteria do you use to determine who sees what?  Do you allow people to snoop around your database?  Who can view giving data?  How do you determine who sees what?

Volunteers are great and we use them all the time but do they need ChMS access at home?  While doing visitor data entry should they see SSNs and giving information?  It may take a little more work to set users up so they only see what is necessary but it is better – especially when you consider the amount of turnover volunteers have.

Fourth, physical access should also be addressed, that’s physical access to the hardware storing the data.  How do you protect your server room or is it just a closet everyone can get into?  I’m convinced I could walk into most churches, steal a server, and walk it out to my car and drive off with it if I just pretend that I own it.

Finally, our people or personnel policies also have to be reviewed.  Having the right people in the right positions is often times half the battle.  What happens when folks are dismissed or fired and access must be removed?  While we would like to say that doesn’t happen in the church world we all know it happens far too frequently.  Are you hiring people you can trust with your data?

People are the biggest security risk any organization has.  They fall prey to phishing scams and because they want to help they click on things they shouldn’t trying to help people they shouldn’t trust.  This leads to data loss.  Do you provide training for your users to teach them how to avoid such threats?

It is vital that security and cyber threat protection decisions not be made by tech people – they are leadership decisions and hopefully the tech folks have a representative at the leadership table.  I’ve written about this before and the importance of IT being in submission to the church leadership.  Contrary to popular belief tech people aren’t wired to say no.  But we are trained to keep things safe.  Leadership needs to get input and make wise, informed decisions about how to keep data safe, how much money to invest, and policies and procedures.

Again, the nature of our business makes this a challenge.  We use volunteers.  But decisions made in the light of day with the involvement of the necessary parties is a huge step towards avoiding disaster.

Wednesday, April 6, 2016

The Soft Underbelly of the Church

My latest article is now live at ministrytech.com.

If I was to someday turn to the dark side, and for the sake of argument let’s say I haven’t yet, I’m convinced that I could retire hacking churches.  Churches are treasure troves of data that has a relatively high black market resale value.  Churches also aren’t as obsessed with security as the corporate world is.  Of course, if you are a hacker, my intent here is not to encourage you to go after churches but rather to encourage churches to be vigilant when it comes to their cyber security.

Everyone is getting hacked.  It doesn’t take much to see that your data isn’t really safe anywhere.  But that doesn’t mean we go hide under a rock.  It seems that hacking is in the news daily.  Remember Target, The Home Depot and a small outfit you may have heard of called the United States government? 

When a corporation is hacked their profits and shareholders may suffer but what happens when a church is hacked?  Our message is much more important than selling goods and our reputations and balance sheets often aren’t strong enough to weather a hacking storm.

While cyber-attacks are a threat we have to manage it is no different than the threat of someone slipping on the ice in your parking lot and suing you.  At some point if you are doing ministry effectively you will be sued.  You will be hacked. 

Churches are sitting ducks.  So then why aren’t churches targeted more?  Mostly because the hackers don’t think we are big enough to warrant any attention.  I think that is their mistake, mega churches are plenty big and contain just as much key black market data as the big box stores.  Hackers are after demographic info like name, address, phone number because they can sell those records to bad actors conducting phishing schemes and other online criminals.

The value of that information goes up tenfold if you have a social security number tied to that record and even more if you can connect a credit card to it.  The bad guys don’t realize how churches work and that we are sitting on tons of that very information.  Nor do they realize that we don’t protect it very well. 

Their ignorance -- for now may be our bliss but at some point they are going to figure it out or someone from inside church ministry is going to go rogue and open their eyes.

Churches are sitting ducks by the very nature of our business.  Our business it to be open and welcoming.  We don’t want to shut anyone out and we preach a message of salvation and forgiveness.  Our goal is to draw people in not push them away.  Our business is based on people voluntarily giving us their money.  What is the great commission?  That makes us a target, or at least it should.

We also lack the deep pockets of corporate America.  How much did the Target hack cost them?  They have deep pockets so a $160+ million hit due to hackers can be weathered.  They also have the additional millions to pour into fixing the problem, hiring security specialists, etc.  We don’t.

Churches are sitting ducks by the very nature of our people.  We have all levels of economic status in our churches and we strive to reach out to those who have nothing.  We teach our people to be kind and loving and forgiving and to be trusting.  We teach them to evangelize and influence others with our message and not to let pride or shyness get in the way.  Our people are our biggest asset, and also our biggest liability. 

We also use volunteers.  Go into your local bank, set up an account to become a member, and then volunteer to help them and see if they give you access to their database.  Churches do this all the time – and we should as our survival depends on it.

In my opinion our data is pure gold.  As I mentioned, I think we are getting by for now because the hackers don’t know much about what we store. 

Churches are sitting ducks by the very nature of our beliefs.  What does Jesus teach?  Lock it all down and throw away the key? 

While we are taught to love people and minister to them we are also taught about stewardship.  Stewardship is what really kicks in here in terms of data management and security.  Remember the parable of the talents in Matthew 25:14-30?  Think of the talents as our data. 

We need to provide access to the data so we can accomplish our mission but we also have to be a good steward of the data so it isn’t stolen.  We tend to do the former and not the latter as it is difficult for church leaders to take a step back and evaluate data access policies.

Stewardship is difficult – which is why we struggle with it.  Pastors aren’t taught about cyber security in seminary.  They want to use technology to connect with people and they don’t want to hear about any security hurdles.  How did the malware get into Target’s system?  Through an unpatched server.  Pastors and church administrators don’t like to hear technology and data management requires an investment in security but if you believe in accountability before the Creator then you may want to think twice about that.

I admit this is a difficult balance to strike but we have to do better because we are sitting ducks.

Next month’s article, entitled Protecting the Soft Underbelly of the Church will address ways we can help protect our data while still maintaining maximum efficiency and Kingdom impact.

Monday, March 7, 2016

The Apple and the Fall

My latest article is now live at ministrytech.com.

The recent developments with the FBI demanding that Apple help them gain access to the iPhone of a terrorist has really got a lot of people thinking.  Terrorists are deplorable and we should do all we can to capture them and prevent acts of terrorism from occurring.  But what does it mean to do all we can to prevent all acts of terrorism from occurring?  While everyone agrees terrorists must be stopped there is great debate over how we stop them.  Do the ends justify the means?

I see both sides of this issue.  On the one hand Apple (and other tech companies) have done their best as of late to convince their customers that their data is safe – thank you Mr. Snowden.  They have worked hard to make sure when we use their devices that our personal information, our private communications, and everything else that makes up our data is secure and only accessible to the owner of the data.  In the analog world this would be the safety deposit box in a steel vault at the bank.  It is designed to keep everyone out except those who have access privileges.

On the other hand, the government is charged with keeping the people safe and wants to do everything possible to prosecute acts of terrorism and prevent future acts from occurring.  To do that they have the ability to obtain warrants and gain access to personal property and information to help solve and prevent crime.  In the analog days this would be getting a warrant and forcing the bank to open the steel vault and then open the safety deposit box.

But what happens when all of this becomes digital?  What happens when the steel vault is an encryption algorithm and the safety deposit box is an iPhone and the individual holding the key is deceased after committing a horrible crime impacting many innocent lives?

In the analog world, we could easily figure out a way to get into the vault and safety deposit box.  It might take a while but it can be done – as evidenced by several recent high profile thefts from thieves breaking into super secure vaults to steal money and jewelry.  In the digital world though it isn’t as easy.  We can’t just drill through yards of concrete or blow the door off.  There is no concrete and there is no door.

Because of the divide between the digital world and analog world the government is now asking, through the FBI, that Apple provide a way into the phone.  Apple is refusing.  The government needs Apple because the tools of the analog world won’t work here.  They need the creator of the device to help them access it.

If this situation has done nothing else, it has pointed out how out –of-date our laws and legal system are to handle these situations.  The law the government is using as their reason why Apple should help them is the All Writs Act from 1789, signed into law by George Washington.  While this law was amended in 1948 and 1949 (still well before the digital age) there is a great deal of question as to its application based on a Supreme Court case in 1977 where the government wanted help tracing phone calls.

The amount of misinformation and misunderstanding about this event is amazing.  While on the surface the request may appear simple enough, the consequences are tremendous.  Should Apple, or any tech company for that matter, have to create and then secure a backdoor into their software?  I know many are debating the semantics of the request but the bottom line is they are asking for something that doesn’t exists and would have to be destroyed or protected after it was created.

This reminds me of another time in our history when the US government needed technology and science to help them bring a World War to an end.  The Manhattan Project ran from 1942-1946 and was tasked with creating a super weapon to help end World War II.  The weapon did not exist but was possible in theory.  If they succeeded the consequences would change the path of the planet but success came with a price.  Yes, the war was brought to a quick conclusion without having to invade Japan, simultaneously saving thousands of lives and putting millions more in jeopardy.  As a result, the US and its allies have spent every day since trying to prevent nuclear weapons from falling into the wrong hands.  The world would also come to the brink of nuclear destruction as a result of the Cold War that followed.

Apple is being asked to create special access to bypass the security on an iPhone that doesn’t exist today.  If they create it, and it leaks out then what?  Those “bad actors” would certainly get in line to get access to the ability to gain access to phones around the world.  Just like the Manhattan Project the results of creating such a tool could change the course of the planet.

But what does all of this mean to us?  The nation is clearly divided on this issue and I find myself agreeing with people I rarely agree with and on the opposite side from those with which I would typically align.

First, the solution to terrorism is not hacking an iPhone, the solution is Jesus Christ.  Only by believing and trusting in Him can people change and “bad actors” can become citizens of heaven.  Second, Romans 13:1-7 provides a view of how Christians should relate to their government.  Does that mean if this case reaches the Supreme Court and a ruling is rendered that we must abide by it?  Third, God calls all of us to participate in our government and to be good citizens.  That includes voting, paying taxes, and taking part in discussions with our government officials – including discussions about balancing our security with our privacy.

Ben Franklin said, "Those who surrender freedom for security will not have, nor do they deserve, either one."  While this quote has been ripped out of context I think the principle he is referring to applies to what we are facing now.  Each one of us has to decide.  I know many who would happily give up some privacy in order to be more secure.  I know many who abhor that idea.  Whatever you believe, I hope that you will take this opportunity to get involved.  Our government is going to have to figure this out and they will need our help to do it.  Politicians are not software engineers and encryption specialists and engineers and encryption specialists are not politicians.  Pray for our elected officials and participate in the privilege that is our democracy.  

Sunday, February 21, 2016

Don't Go It Alone this Year

My latest article is now live at ministrytech.com.

Can I ask you a question? How many of your new year’s resolutions have you already broken? Some of them are probably career oriented—things like network more, learn more, be more efficient, be less busy and more effective, etc. If you work in ministry technology as a career, or if you volunteer, let me encourage you to actually do something about networking this year and not to attempt going it alone.

The cliché is silos vs. synergy.  I started in ministry technology as a volunteer in the mid-1990’s.  That turned into a full time career in 2001.  When I started there weren’t many technology resources for ministries and I felt like a silo trying to solve the worlds technology problems on my own.  Google didn’t show up until 1998 and wasn’t very helpful during those early formative years.  

In 2007 I was introduced to a group of folks who worked in church IT that existed to provide synergy.  I attended my first meeting in Chicago and realized I wasn’t alone, my problems weren’t unique, and there were lots of people with more experience than I had who were willing to share and help me get better.  What amazed me is that this wasn’t an organization trying to sell something or with some other agenda.  They don’t even charge membership dues.  It was simply a group of church geeks trying to help advance the cause of the Kingdom.

I was also impressed that theological differences didn’t get in the way.  They weren’t out to solve the questions of the ages but rather to simply help each other apply technology to ministry.  Technology in churches and non-profits is different from technology in the corporate world and this group got that.  Everyone was willing to share and help everyone else out.  No one was trying to protect any trademark secrets.  There was no competition.

It was also encouraging to see IT folks socializing.  As a group we can be rather introverted and awkward.  Put a bunch of those type folks together in the same room who are all struggling to solve the same technological problems and all of a sudden relationships start to form.  Then when we leave that room those relationships continue thanks to our understanding of social media and communication through technology.

If you work full time in ministry technology, volunteer in ministry technology, or manage ministry technology staff and/or volunteers then consider joining this group or encouraging those you lead to join this group.  Did I mention it’s a free group of peers all learning from each other for greater ministry effectiveness?

What is this group you ask?  I’m speaking of The Church IT Network.  Their website says, “If you are passionate about serving the body of Christ through technology, the Chruch IT Network is for you.”  Whether you work or volunteer in help desk, IT management, audio/visual, web development, ChMS, DBA, and more you will find a place in the Church IT Network.  

The biggest hurdle most church tech folks have to being a part of a group like this is time.  We are all busy, we are all being asked to do more with less, and we all have more to do then we could possibly get done in one lifetime.  Instead of using busyness as an excuse let me encourage you to use it as a motivation.  There is a big difference between being busy and being effective.  Often it is best to stop and make time to make sure you and those you lead are being effective.  

Being a part of a group like The Church IT Network doesn’t take much time.  They are there if you need them but don’t require that you participate in required membership meetings.  Did I mention it’s free?  There are no annual dues.  It is simply a group of IT professionals all working towards the same common goal.

I have found that being a part of the various online communities and discussion has actually saved me money.  I’ve posted questions online and received answers within minutes that have saved the ministry I support thousands of dollars.  

The Church IT Network is also a great place to learn about IT in ministry.  Pastors, CFO’s, etc. are all welcome to join and learn more about church IT ministry.  Volunteers are also welcome and encouraged to participate.  Church tech uses volunteers more than any other technology organization in the world and we should want our volunteers to be well equipped.

There are 2 meeting options each year that are available to those who want to gather together.  A regional event in the spring and a national event in the fall.  While there are travel costs associated with these events and some minor event registration fees (the last national event was $75 for 3 days, including meals) they are both well worth it.  We learn together, worship together, and enjoy great food and fellowship.

Proverbs 11:25 says, “A generous person will prosper; whoever refreshes others will be refreshed.” (NIV).  My involvement in The Church IT Network has made me a better IT pro, a better employee, and a better servant of the King.  Take this opportunity at the beginning of the new year to consider growing in your generosity and taking the opportunity to refresh others and be refreshed.  

For more information on The Church IT Network please visit churchitnetwork.com, follow on Twitter @CITRT and join the conversation using the hashtag #CITRT.

Friday, January 15, 2016

Stress in IT

My latest article is now live at ministrytech.com.

As I travel around the country talking with IT professionals who work for churches, ministries and non-profits, I’ve noticed that many of us are struggling with similar challenges.  While challenges are good and help us grow in our faith and in our profession I’m concerned that good IT folks are burning out quickly and turnover rates among tech staff’s in churches is going to rise.  I think there are several issues at play here.

First, many of us are highly dedicated.  In the church world, many IT folks grew up in the churches where they are currently serving on staff.  Some may even be the second or third generation of their family to have been part of the ministry.  Decades of involvement builds loyalty and a sense of pride and ownership.  Because of the investment of time, talent, and treasure, you don’t want to see the ministry fail and you desire to see it grow and thrive.

Second, we get the eternal impact.  While church IT and technical folks may be often misunderstood, I find that many have the same goal as the pastors and other staff.  They work hard to provide an eternal impact on the Kingdom.  We understand that those 1’s and 0’s we are working with are much more than just 1’s and 0’s.  Their impact is on a much higher calling and our passion is to see the Kingdom impacted every day we dive into our geeky craft.

Third, we know our stuff.  We stay up all night reading the latest articles online about the newest features and software releases.  We monitor popular culture and trending media so we know how to advise people on what to use.  We work hard to not be surprised by the latest security threat and are proactive to keep threats out of our networks and our data secure.

Fourth, we struggle to communicate.  Because of our knowledge, we can come across arrogant and unwilling to compromise.  We often don’t do a great job of explaining options and costs.  As a result, we create a gap between the decision makers and ourselves.  Remember, we both have the same goal but we are coming at it from opposite, often misunderstood directions.

As a result, frustration can mount.  We all have the same spiritual goal but we can’t get the budget we need to accomplish the objective.  Or we are trying to ensure security but we are told to keep opening things up to more and more folks.  Friction builds when IT focuses on security while the ministry focuses on people.  What happens when the Executive Pastor says everyone is going to switch to a Mac or that the ministry is going to use a ChMS that you know isn’t secure?

Burnout tends to set in.  We don’t believe we are being listened to or that our opinion matters.  We tend to kill good ideas because we can’t implement them the way we want to.  IT and technology isn’t a respected asset but a dreaded necessary evil.  So what can we do?

First, we have to humble ourselves (Luke 14:11).  As hard as it may be to admit IT and tech folks don’t know everything.  Technology changes fast and we can’t realistically be experts at everything and we need to communicate that.  Reading one article doesn’t make you an expert.  We have to be willing to listen to those in authority and even if we disagree, humble ourselves to do what we are asked (Philippians 2:3-4).

Second, in addition to humility we need to have a healthy respect for authority (1 Peter 2:18).  Often our passion is what gets in our way.  We want the objective to succeed and we don’t want anything to be a hindrance.  As a result, we struggle with what we believe are inferior options and often want things done our way.  Maybe out of pride, but often out of zeal to see the Kingdom affected.  It is important for us to remember who is in charge.  Who is going to be held accountable (Hebrews 13:17)?  What is my responsibility?  When we stand before God who is going to be accountable for the decision?  We may not be accountable for the decision but we are accountable for how we respond to it, whether we like it or not.

Third, we have to learn to communicate (James 1:19, Ephesians 4:29).  It is ok to disagree and it is ok to provide options but we have to learn to do that in a way that is respectful and not prideful.  We have to understand that it is not our objective to get our way.  It is our goal to communicate what we think is best and then to submit and do what we’re told.  When we don’t get our way we have to work hard at not saying, “I told you so” or constantly pointing out that this isn’t the way we wanted to do it.

When we stand before God, we want to hear that we did our job well, even if we didn’t agree with what we were doing.  I have found that submission makes life easier.  Often times the ax is no longer over my neck and I’m good with that.  This is difficult when we are doing something we think will fail but unless we sit at the top of our organizations leadership chart then we need to get happy with doing something with which we disagree.

My burden is that IT and tech folks latch on to this.  The Kingdom isn’t helped through turnover but through IT and tech folks who work hard at humbly communicating and then obeying authority with excellence.