IT and Data
-
Assessment
Information Technology is an unavoidable part of our everyday lives, in our homes, our workplaces and now in our places of worship. With so many ways to use technology and so many options in the marketplace, implementing an effective, efficient, and secure technology strategy can seem overwhelming. Moreover, as parishes come together to form communities, each will bring with them their own IT infrastructure, comprised of a variety of tools, vendors and service providers for hardware, networking, internet, communication, and office applications, among others. The resources at the Chancery will help you make sense of your current technology landscape and explore ways to improve and enhance, as well as simplify it.
By first completing an IT assessment, you will get an overall understanding of the current state of your parish or location technology environment to identify opportunities to gain efficiency, effectiveness and reduce liabilities, as well as ensuring the right people, processes and tools are in place to accomplish the core mission of the Church. Assessment results will be used to bring awareness to disparities between parishes and organizations and to prioritize efforts to implement solutions that help the processes and tools used throughout each day.
The Information Technology & Infrastructure Assessment collects data in these areas:
- Computers & Servers
- Collaboration & Data Sharing
- Cybersecurity
- Technical Support
- And more…
Cyber Liability Insurance and Cybersecurity Assessment
Cybersecurity is the practice of protecting one’s computers, networks, applications and data from unauthorized access, use and/or modification. In today’s environment, cybersecurity is evolving in both complexity and necessity. Cyber liability insurance protects entities from loss and/or liability that may arise in the event of a cybersecurity incident.
However, as achieving a state of cybersecurity becomes more difficult, obtaining cyber liability insurance does as well. Obtaining cyber liability insurance is expensive and requires entities to comply with a long list of requirements, sometimes requiring a costly investment in cybersecurity practices and tools.This assessment will help us to evaluate your parish’s current cybersecurity state and analyze the information that will help the organization obtain cyber liability insurance coverage.
Solutions
Throughout our Diocese, the goal is to assist each parish in analyzing their current state within the IT infrastructure’s common areas (e.g., network, communication, etc.). Once the current state of all parishes and organizations is identified, the team at the Diocese will perform a high-level comparison in these areas across the Diocese and suggest the resources that make the most sense to be deployed. By learning of the technology landscape, your Parish or organization will benefit from greater operational efficiency, reduced maintenance, and lower costs.
-
Security Guidelines
- Multi-Factor Authentication (MFA) is implemented for all remote access to internal systems and cloud services that provide critical services or host sensitive information.
- Endpoint Detection and Response (EDR) software is installed on all supported endpoints and cloud workloads.
- Current backups are stored offline and have been tested to confirm their viability in fully restoring systems and data.
- Sensitive data is stored in secure and compliant cloud location (https://gabrielsoft.com for parishes is cloud solution for parishioner data)
- Critical vulnerabilities are patched, with priority given to public-facing systems and applications.
- Public-facing web applications are protected by a web application firewall.
- Internal networks are appropriately segmented to contain an attack or malware to a subset of systems and to prevent its widespread propagation.
- All end-of-life systems and applications are decommissioned and powered off.
- The Principle of Least Privilege is applied such that permissions for a given user account or process is restricted to only those privileges which are essential to perform their intended function.
- Incident response plans within the organization have been updated and a crisis communications contact list includes current emergency contact information for all appropriate personnel.
- Disaster Recovery and Continuity of Operations Plans are current and can be implemented in the event of a loss of services.
-
Contact Us
-
Mary Lennonmlennonpatersondiocese.orgDirector of Technology
-
