Checking to see if you guys have a policy implemented on acceptable use and rules for using file sync software such as Dropbox, SugarSync, Google Drive, One Drive. Specifically:
- Do you have a central, business owned account(s)? Or, are your staff using personally owned accounts?
- Do you have rules around staff only use (i.e. not sharing folders with others outside of the organization), or are you using it more as a collaboration file access across staff, volunteers, vendors, etc?
- Do you allow sync tools to be put on personal computers, or do you have only church owned computer installations?
- If you have unknown access, or allow access to personal computers or shared folders outside of staff, how do you address concerns of viruses and malware being transferred through these specific technologies, directly into your organization?
I may come up with more questions, but this is a good start. We are looking at having more of a centralized, church owned solution, and are looking at what policies should go with this setup to protect the church network from external threats coming into the network (virtually undetected when considering the level of access these types of systems have the potential of opening up). We’ve used these systems for a while, but not centrally managed by IT. Just trying to close potential security holes, while utilizing technology for ministry purposes strategically.
Thanks for your help!