Do we currently have a way to securely pass information between clerks and Bishopric?

Use this forum to discuss issues that are not found in any of the other clerk and stake technology specialist forums.
stanbutler
New Member
Posts: 10
Joined: Sun Aug 17, 2014 11:42 am

Do we currently have a way to securely pass information between clerks and Bishopric?

Postby stanbutler » Sun Jan 15, 2017 11:11 pm

I have always been careful to avoid emailing or texting clerical information.
With this in mind, I have often wondered if LCR has any ability to securely pass information between clerks and bishopric?
I feel this is becoming an area of concern.
Having worked as an InfoSec Lab manager, I have seen how easily data can become compromised.

Here are a few situations or examples:
LCR messages, People are logged into LCR and see the HTTPS but the messages are sent out to member's preferred email addresses which are unsecured.
New child, we receive DOB, place of birth, and child's full name.
Lost sheep, we try to locate members. We often find a need to pass DOB and full names.
All child information. It should be guarded always.

I have made it a habit of sending this kind of information via an encrypted PDF.

Just wondering if we had a better way to securely communicate?

Please let me know if we have anything in LCR which can be leveraged to help keep our information secure.

User avatar
Mikerowaved
Community Moderators
Posts: 3245
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

Re: Do we currently have a way to securely pass information between clerks and Bishopric?

Postby Mikerowaved » Sun Jan 15, 2017 11:44 pm

That's an excellent question and one that's often overlooked in today's fast-paced digital world. As a follower of InfoSec, my hat's off to you and your team.

An encrypted PDF would work in some situations, but there are times when the information to send is best kept in it's native format, such as a spreadsheet. Encrypting a ZIP or RAR file is what I prefer to use, with the key transmitted by other means, such as in a text message, with no reference to what it's for.

As an STS in my stake, I've allowed confidential documents to be stored on the clerk computer, as long as they have a strong encryption. Recently I had to give council to one bishopric, not for lack of encryption, but rather for the document title, which was, "Sis Jones' court findings.odt". Of course, that wasn't the real name, but sometimes we leak tidbits of sensitive information without realizing it.
So we can better help you, please edit your Profile to include your general location.

User avatar
marianomarini
Senior Member
Posts: 612
Joined: Sat Jan 19, 2008 3:13 am
Location: Vicenza. Italy
Contact:

Re: Do we currently have a way to securely pass information between clerks and Bishopric?

Postby marianomarini » Mon Jan 16, 2017 3:30 am

If you are really concerned about security you can use GPG to cypher any information that could be decrypt ONLY by legal receiver.
This will require a training to leaders about: generate, store and share password. And this, in my experience, is the bottle neck of the system.
It seem to me that most of person (at least here in Italy) are looking for a security system that is worth for a 5 years old kid!

russellhltn
Community Administrator
Posts: 21784
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: Do we currently have a way to securely pass information between clerks and Bishopric?

Postby russellhltn » Mon Jan 16, 2017 3:44 am

stanbutler wrote:Do we currently have a way to securely pass information between clerks and Bishopric?

In answer to the question in the title, the church has not provided anything like that. All you have is common access to LCR, which should limit the amount of sensitive data that has to be passed back and forth.
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.


Return to “General Clerk Discussions”

Who is online

Users browsing this forum: No registered users and 1 guest