Older technology devices may very well be one of the biggest security threats in your ministry.
Unfortunately, most churches do not fully understand this hazard. Old devices often have known vulnerabilities that make them an easy target for attackers. They can use these vulnerabilities to compromise your ministry and its data. Saving money by extending the life of technology devices such as phones, laptops, tablets, and desktops may seem like a good idea, but these devices have a secure shelf life of only a few years.
Technology is changing constantly, and so are the cyber threats directed against it. Cyber attacks are increasingly creative, sophisticated, and effective. Regularly updating your devices may save you a lot of money (and grief!) in the long run.
The appropriate age/lifecycle plan is different depending on the type of technology device, but generally speaking, Enable Ministry Partners recommends replacing user workstations every 4 years, servers every 5-7 years, HVAC controllers whenever the vendor stops providing security updates/patches, and wireless access points every 6-7 years.
Enable recommends that churches deliver all IT equipment that is retired from service to an electronics recycling company as part of a proactive lifecycle management plan. These organizations will responsibly wipe/destroy any information stored on hard drives and other storage devices and handle device resale or recycling in an eco-friendly manner.
Destroying or retiring these devices is essential because attackers can easily use older devices as backdoors into your environment. Attackers often target older devices because they understand they do not have the security standards to keep attackers from getting in, gaining unauthorized access, stealing sensitive data, or launching other types of cyberattacks.
Below, we provide five primary reasons why the continued presence of older technology and devices can wreak havoc on your ministry. All revolve around one main concern–security.
Shortage of Security Updates
As technology evolves, new vulnerabilities and cyber threats emerge each day. Technology companies commonly release security updates and patches to help decrease these vulnerabilities. Unfortunately, technology companies do not provide perpetual patches and updates for all the devices they manufacture. Thus, the outdated devices reach a point where they no longer receive updates and become susceptible to countless vulnerabilities.
Due to constant upgrades and development of modern technology, older devices reach a point where they can no longer run new software. They are limited to outdated software or operating systems that lack the latest security features. Outdated software makes these devices easy targets for those who want to breach your sensitive data and information.
Limitations to Hardware
As discussed above, older hardware will cease at some point to have the capability to run the latest security tools and applications effectively. These limitations can hinder the device’s ability to detect and defend against cyberattacks.
Inconsistent Security Protocols
Enhanced security protocols and encryption standards are essential in the ongoing fight against cyber security attacks. Limited as they are, outdated technology devices cannot take advantage of these protocols and standards. These older devices thus become vulnerable and make it much easier for attackers to access your personal and ministry information.
Reduced Vendor Support
Manufacturers often provide customer support and assistance after the product’s release dates. Unfortunately, as devices age, these manufacturers will cease supporting older products at a certain point. Again, this leaves users susceptible to security breaches and attacks.
Technology devices are not designed to be effective forever. Even though a device may technically still “run,” it may be wholly inadequate and vulnerable to changing conditions. Given the dizzying pace of growth of security issues and cyber attacks we face today, understanding and working with the “effective life” of technology devices is even more vital. As discussed above, older machines can lack basic features to keep your technology devices free and clear of attacks. As new devices become more secure, cyber attackers shift their focus to manipulating remaining older devices because they are easier to compromise.
To help alleviate these security risks, it is critical that you regularly update and replace your old technology devices with new devices that enjoy the latest security updates and support.