Church Techy
Where Tech meets Church
Internet Policy
Author: Stuart27 Jun
Or should that be “Internet Policing” ?
As a technically aware user of the internet (I hate that tradition dictates it should have a capital I, so I fight it) for over 20 years I am well aware that the internet poses many dangers to the unwary or is that the uneducated?
As a part of my drive to get the Church to start creating and accepting the validity of IT based policy documents, I thought I’d try and start with what should be a no-brainer. I say this because I think even the most uneducated person knows of the potential problems of using a computer on the internet – even if they don’t know about trojans or the latest virus or chain letters or security breaches or… or… they may at least know that (as an example) a lot of criminal activity goes on via the internet. Or that the fastest growth industry is probably still pornography.
Beyond all this, the fact that 61% of UK households in 2007 had internet connections and that 84% of those have broadband connections (National Statistics Online) makes it plausible to take a leap that not everyone is being 100% good, all the time.
But then I find that some people just don’t want to know and thus we need to introduce policies or as some of my friends call them ‘policing’ documents.
My main issue here is not that we should but in how and not so much even the hardware and/or software methods of restricting use but the soft methods of simply getting user X to agree that this is a good thing. I know the staff at my Church well – only one of them has been in the Church longer than I – and I believe I have a good rapport with them all, but getting them to take that step and introduce policies seems monumental at the moment.
My senior pastor takes the approach of if he doesn’t want to deal with something that isn’t specifically about the health of the Church or its members or potential members then he simply doesn’t respond to the eMail(s). I can’t go over his head as there is no one else beyond him. My position is only semi-official in that there is nobody else whom could (at present) step into my shoes and support the Church and I certainly don’t get paid for it. So my dilemma comes down to one of two choices.
- Introduce semi-stealth policing and advise each staff member individually that this is the case.
- Create the policy documents myself and present them as a ‘fait accompli‘ to the management.
Neither approach is the best but either or is the best I can come up with for now.
Additionally I don’t want the document (in this case an internet AUP) to be heavy handed or bogged down with legalese, but neither do I want it to be so inconsequential as to be useless. Beyond this, really I need to make the senior leadership team take some ownership of this and certainly to be a party to enforcing standards and in encouraging the staff to comply with these new fangled ideas.
I could (and will) just keep pounding at the door and keep on keeping on, but I feel honour bound to help the Church navigate the murky depths of the internet. As an IT professional I hear (and know) the horror stories of clicking on what seems an innocent link only to be dumped into a storm of adverts and popups – or to end up the victim of a browse by malware attack – or worse, to be perusing your internet surfing history and find pictures or URLs that you never went near (google images and the like have a lot to answer for on this).
So, folks of Church IT land I need your help.
I need suggestions, I need practical help (prayer is always good as well), but most of all I need to borrow your policy documents to see how you’ve done it. I can, but don’t really want to, create all of them from scratch. Ultimately I know, I need to persuade the senior leadership to create a staff handbook.
6 Responses for "Internet Policy"
I can appreciate your situation. I would recommend that you create a policy that provides at least general rules on Internet/computer usage and then when the right time arrives, your ready with your policy. Maybe start using it when new employees or volunteers start. Post it on your internal Web Site/Intranet.
There’s lots of places to get policies from and taking someone else’s still requires a good review and minor changes.
We didn’t get support for policies until an outside management review was done.
The SANS Institute is an excellent place to start:
http://www.sans.org/resources/policies/#template
Jim
I’m going through the same process as you are, and I’ve so far I’ve gotten three policies approved. You can find them on my in-house IT site that I’ve opened so you can take a look at it.
The policies are located here:
http://sites.google.com/a/allisonparkchurch.com/apc-tech-info/Home/policies—acceptable-use
I tend to use a very gentle approach. The first policy I wanted to work on was the Laptop use policy. I found Liberty University’s policy on line and I used that as a basis for our own. Because of that, it is the most ‘legal’ sounding document.
It is very important to me that these policies reflect only trust for other staff members. I suppose they are more educational in nature than they are ‘legal’.
I’m still working on others and would appreciate any input as well.
Thanks for the link Cindy – I love the personalised usage of the policies such as “if you use x’s PC then Y”
I think you hit the issue on the head – trust is the key word and not the inherent suspicion that a staff handbook dishes out.
Thanks Jim – SANS has always been a good place for most things security related and is somewhere I have spent a great deal of my professional life but somehow forget it when working on Church stuff!
I had a meeting last night with a decon(and ex cop) of my church another guy who has knowledge network systems and internet, an older guy about 75 has no idea of networking and internet but made sure he had his say and one other guy who just kept quiet, and myself I have a decent amount of knowledge not loads so help would be great.
Now the problem I have is that the decon (the cop) is very legal and looks into things to much, and we spent about 30 to 45 mins just talking about internet and the policy or as you all say policing, bassically the cop wants to bring in a Senior Administrator, I thought great someone to take all the problem when they occour but no he would be there to check up on people, to see what people are doing bassically to spy on people checking the website they have visited, not just basic users but the administrators aswell and to him it seemed like a good idea and would cover all asspects if it came to there being a problem with the police, I got abit annoyed at this point as i was saying why put your administrators in place just to check up on them? but this ex cop didn’t see it that way even today i get a little annoyed thinking that if i was a administrator to know that someone else would be coming to see if id been on porn or other things that im not ment to.
I suppose what im trying to say is has anyone else delt with someone like this and what can i do to show him that policing the computers and spying on people isn’t a good corse of action.
Also this ‘senior administrator’ wouldn’t be someone as myself or the other chap whos knowlegable but it would be himself or another decon within the church, i know exactly what would happen they would attempt the log onto the server to check thing do something wrong and id get the phone call to come fix the problem.
the only way i can see around this is just turning round and saying I do not agree with the policy that you are going to bring in either this is rethought or i don’t put the system in or i will seek the advice of a lawer before i take this any further. OR to bring in an internet filter and i know that these can be rather expensive £1000 plus.
PLEASE PLEASE PLEASE can someone help me i don’t know if im just over reacting a little or not. advice and yea prayers would be helpful
Thanks Neil
Neil – have left your comment here for all to see but have responded via email. If anybody else also has any specific advice for Neil then please send them direct to me and I’ll forward them on.
At Neil’s ok I will pass on his email address to any that may want to assist as well.
Leave a reply