New Wilmington Mission Conference

NWMC is the mission conference that amazingly challenges youth
with the Presbyterian tradition in Christ's church. (July 18 - 25, 2009)
Welcome to New Wilmington Mission Conference Sign in | Join | Help
in Search
Home Blogs Forums Photos Downloads News Promote Donate FAQs About NWMC

The Web and Christ's Mission

How Safe is it to Put Sensitive Information on the Web?

This is one of the more frequent questions I've been asked recently.  It really comes down to a question of risk analysis.  I'm a proponent of trying to use the web as much as possible as a tool for the Great Commision, but realize security can be a real concern.  I'm not an expert on the security needs of mission fields, but here's a rundown of the risks taken by using email, the web and this website (or any Community Server site).

Most people think email is more secure than it is. Having said that, there are few communications it isn't secure enough for.  Most email is sent unencrypted over the internet which means it can be read by anyone who gets their hands on it.  Intercepting email is both easier and harder to do than you would expect.  At the moment, I'm not a good person to comment much on it, but let me know if you would like me to look into it further.  Whoever provides your email service (Yahoo, Google, Comcast, Verizon, etc.) stores the emails at least temporarily.  I believe Google even analyzes the content of their gmail accounts to serve ads better to the users.

It can be even more difficult to control who can access information that's posted on websites.  The basic technologies the web is built on don't allow you to decide who can or can't view web pages, but there are techniques that can be used to control that.  Web pages are also normally sent unencrypted over the internet and can be intercepted similarly to emails, but that is also unlikely in most situations.

Fortunately, the Community Server software we use on NWMCmission.org allows us to control a good deal.  First of all, we can make any sharing medium (blog, forum, photo gallery, etc) private, restricting it to registered users (currently ~150, but steadily growing).  The largest benefit this gives is preventing any information posted in these blogs and forums from being discovered through search engines.  We can even take this a step further and only allow certain registered users to view a bog or forum.  The only problem is someone has to maintain these permissions and it can become time consuming. 

We can also add names to the "bad words" list to prevent them from appearing even when we discuss them in public areas of the website.  For example, one missionary's name will always appear as A*** B***.  This list also needs to be maintained and it's only reasonable to add so many names.  If there is a name you believe should be added to this list, please contact me.

Although these methods reduce the benefits of the web, I think they can allow us to use it well as long as we apply them wisely to each situation.

Published Wednesday, August 30, 2006 10:03 PM by Andrew Dawson
Filed under , , ,

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

 

ddawson said:

Thanks for this informative piece on security. I have a follow-up question for you. Would a limited-access, private forum or blog on nwmcmission.org be more secure than e-mailing to mission workers in a country that is known to monitor the e-mails of mission workers? Would the government's "cyber guards" be able to read a private blog? I am thinking this could be a more secure way for a small group of people to communicate with a mission worker in a sensitive country. ddawson
September 10, 2006 5:17 PM
 

Andrew Dawson said:

While this website has some pretty nice controls for what people can and can't see, the situation you're describing makes me a little nervous. If these concerns The web pages are passed across the internet as clear text that anyone can read if they intercept it. If people are having their email intrercepted and read, I expect there to be a good chance the websites would be intercepted as well. We could buy a SSL certificate to encrypt the web pages (~$100/year). Even with SSL temporary files are left on computers people use to view websites. These temporary files can be erased or avoided, but not easily. The cyber guard could apply for an account and mistakenly be granted priviledges to view the blog. That would probably have to be our mistake. Finally, the company I use to host this website stores this information on computers for it to be on the web. It could be hacked or forced to provide these files by a govenrment. I pay premium prices for high quality service, so these situations are very unlikely, but possible. I cannot guarantee privacy of information on this site. Few, if any on the web can. Governments may not be as likely to monitor this website as mission workers' email accounts. We can easily hide information from them and make it much more difficult to acquire. Web security is not my primary area of expertise, so let me know if you want more detailed information about something and I'll try to locate it. Each situation requires an independant risk analysis. Some are very much worth using the web. Others may not be.
September 11, 2006 9:12 PM

Leave a Comment

(required) 
(optional)
(required)   
(required) 

This Blog

Syndication

News

My name is Andrew Dawson. I'm a software developer looking to find ways the web and technology can be used to serve Christ better. I also hope to create more educational resources and raise awareness along the way.



Add to Technorati Favorites
© 2006-8 New Wilmington Mission Conference, All Rights Reserved.
Powered by Community Server (Personal Edition), by Telligent Systems