Cybersecurity & your church: How we’re supporting you

‍

Today churches are relying on technology to reach, engage, and disciple people more than ever before. Consider this: 72% of churches have a website (up from 17% in 1998), and 73% of churches have a Facebook page, compared to just 26% back in 2012! Studies also show that three quarters of churches are now using online giving, and 96% of pastors say they live stream their services online. 

As technology becomes more intertwined with the everyday life of the Church, new challenges also arise—cybersecurity, censorship, data leaks, and community safety, just to name a few. 

Most recently, the internet has erupted with news about a major security vulnerability that has everyone—including church staff—on high alert, scrambling to protect their data from malicious cyberattacks. 

What happened & why does it matter?

Global tech companies like Google, Amazon, IBM, and Apple use a Java-based utility known as “Log4j” to help run their software. Because Log4j is open-source and free to use, it has become one of the most commonly used logging libraries in the world. 

Apache Software Foundation, the group that developed Log4j, announced that hackers discovered a way to weaponize a security flaw in Log4j. Although Apache released a security fix for the software, CNN reports that cybercriminals had a weeklong head start to exploit this vulnerability, which has been described as having the potential to “impact the entire internet.” 

Our proactive response to the Log4j security flaw 

At Subsplash, keeping churches safe and secure is one of our top priorities. After learning about the “Log4j zero-day flaw”, our engineering team immediately began investigating to assess any risks to ministries on our platform. 

After a scrupulous review of our codebases, our team determined that we were not susceptible to this vulnerability. This is due to the fact that Log4j is not used for any of our product offerings, and any instances of Log4j that are part of our broader development toolset are either (1) on a version of Log4j that does not exhibit this aforementioned vulnerability, or (2) managed by a third party and swiftly updated by the vendor.  

The Subsplash Platform has not been impacted by the Log4j vulnerability. We will continue to monitor the situation, take precautionary measures as needed, and continue to communicate news of any changes as part of our commitment to transparency with our clients. 

How we’re innovating to protect & support your mission

In addition to keeping your church’s data safe, we’re innovating on several fronts to ensure that your gospel-centered content is easily discoverable and always accessible to your community: 

• Media ministry without restrictions—Subsplash Media hosts and delivers your live and on-demand content directly to your church’s mobile app, website, and TV app without restrictions, as well as to other popular platforms like YouTube and Facebook. 
• Secure online giving—Subsplash Giving is protected by industry-standard encryption to keep your church’s and donors’ data safe. 
• Messaging moderation—Subsplash Messaging provides a safe environment for group communication on your mobile app and website, including intelligent moderation that automatically filters out offensive language and images.

We’re honored to partner with your ministry and grateful that thousands of churches around the world have trusted Subsplash for the last 16 years. If you are already using Subsplash and have any questions, please feel free to reach out to your Client Success Manager by logging in to your Subsplash Dashboard. If you would like to learn more about using the Subsplash Platform to help reach, engage, and disciple your church, [.blog-contact-cta]let’s chat![.blog-contact-cta]