Managing Safe and Secure Congregational Computer Networks

This is a piece that I wrote for The Congregational Resource Guide (CRG) Blog that was originally posted on October 10, 2011. The CRG recently announced that it will be closing and that some of its materials will be managed by either The Alban Institute or The Indianapolis Center for Congregations. Given the uncertainty of how or when the CRG content will be online again, I am reposting this piece here on my personal blog.

In 40 Days and 40 Bytes, Aaron Spiegel, Nancy Armstrong, and Brent Bill refer to computer networks—and, by association, the Internet—as “a part of today’s techie society.” Their vision, when the book was published in 2004, was that computer networks would become increasingly essential for businesses and congregations alike, and how right they were.

Simple dial-up Internet access in congregational offices was at one time considered a luxury. However, with increased availability of affordable high-speed Internet and the changing landscape of our culture, congregational networks that are able to access the Internet have become a near necessity.

The transition to a networked congregation, however, is not completely free of pitfalls. The growth of wireless mobile computing devices has introduced a new era of networking. With these devices, the Internet is available at nearly any time and in any place. At the same time, the Internet continues to be a vast ocean of content, some of which could be considered unsavory or even illegal.

The reality for congregations using wireless networks, also known as Wi-Fi, is that they are also a public space. As such, congregations frequently host visitors who carry computing devices (laptops, tablets, smart phones, etc.) that are hungry for network bandwidth. For a number of reasons, it may not be desirable to have all these devices connected to a congregational network.

By enabling the security features on your wireless router, network access to mobile devices can be limited and controlled. In general, there are two common types of wireless security—Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). Both WEP and WPA are similar in that they will require a device to provide a password to connect to the wireless network.

Those wanting additional security beyond WEP or WPA may also disable the feature that broadcasts the presence of your wireless network. This will hide the network from those mobile computing devices that are constantly sniffing for wireless access. With broadcasting turned off, access will only be granted to those devices that know both the network identifier (commonly called the SSID) and the wireless security password.

But even when devices are legitimately connected to a network, it can be difficult to monitor these resources to ensure that they are used in ways that are consistent with the ministry of that congregation.

One solution to this problem is to implement some type of filter that will limit the Web content that is accessible from the network. For these situations, I’d recommend that you consider using the services of OpenDNS. The way this works is that your router will be configured to use the OpenDNS service as a means of connecting to any website on the Internet. The OpenDNS service can be configured to filter out a known set of websites based on content, or you can pick and choose what content is acceptable. You can also use the reporting feature to see what websites are visited most often from your network.

The OpenDNS knowledge base provides detailed instructions on how to set up several of the more popular router brands. While the service is not free for enterprise use, OpenDNS says that it offers a special price for non-profit organizations.

The Internet has become a key element in the ministry of congregations of all sizes. Maintaining a safe and secure computing network is the first step of many for congregations to consider as they begin to embrace the expanding world of networked computing.