Do we currently have a way to securely pass information between clerks and Bishopric?

Use this forum to discuss issues that are not found in any of the other clerk and stake technology specialist forums.
Post Reply
stanbutler
New Member
Posts: 10
Joined: Sun Aug 17, 2014 12:42 pm

Do we currently have a way to securely pass information between clerks and Bishopric?

#1

Post by stanbutler »

I have always been careful to avoid emailing or texting clerical information.
With this in mind, I have often wondered if LCR has any ability to securely pass information between clerks and bishopric?
I feel this is becoming an area of concern.
Having worked as an InfoSec Lab manager, I have seen how easily data can become compromised.

Here are a few situations or examples:
LCR messages, People are logged into LCR and see the HTTPS but the messages are sent out to member's preferred email addresses which are unsecured.
New child, we receive DOB, place of birth, and child's full name.
Lost sheep, we try to locate members. We often find a need to pass DOB and full names.
All child information. It should be guarded always.

I have made it a habit of sending this kind of information via an encrypted PDF.

Just wondering if we had a better way to securely communicate?

Please let me know if we have anything in LCR which can be leveraged to help keep our information secure.
User avatar
Mikerowaved
Community Moderators
Posts: 4734
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

Re: Do we currently have a way to securely pass information between clerks and Bishopric?

#2

Post by Mikerowaved »

That's an excellent question and one that's often overlooked in today's fast-paced digital world. As a follower of InfoSec, my hat's off to you and your team.

An encrypted PDF would work in some situations, but there are times when the information to send is best kept in it's native format, such as a spreadsheet. Encrypting a ZIP or RAR file is what I prefer to use, with the key transmitted by other means, such as in a text message, with no reference to what it's for.

As an STS in my stake, I've allowed confidential documents to be stored on the clerk computer, as long as they have a strong encryption. Recently I had to give council to one bishopric, not for lack of encryption, but rather for the document title, which was, "Sis Jones' court findings.odt". Of course, that wasn't the real name, but sometimes we leak tidbits of sensitive information without realizing it.
So we can better help you, please edit your Profile to include your general location.
User avatar
marianomarini
Senior Member
Posts: 619
Joined: Sat Jan 19, 2008 3:13 am
Location: Vicenza. Italy

Re: Do we currently have a way to securely pass information between clerks and Bishopric?

#3

Post by marianomarini »

If you are really concerned about security you can use GPG to cypher any information that could be decrypt ONLY by legal receiver.
This will require a training to leaders about: generate, store and share password. And this, in my experience, is the bottle neck of the system.
It seem to me that most of person (at least here in Italy) are looking for a security system that is worth for a 5 years old kid!
russellhltn
Community Administrator
Posts: 34417
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: Do we currently have a way to securely pass information between clerks and Bishopric?

#4

Post by russellhltn »

stanbutler wrote:Do we currently have a way to securely pass information between clerks and Bishopric?
In answer to the question in the title, the church has not provided anything like that. All you have is common access to LCR, which should limit the amount of sensitive data that has to be passed back and forth.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
Post Reply

Return to “General Clerk Discussions”