Password & Permissions Best Practices

Overview:

  • As the Admin/Staff of your Church's Account, It is critical to the security of your platform that your password remains protected. Here are some Best Practices to ensure that your Password is securely safeguarded.  

Things to Know:

  • Since Username/Password security is used for almost every website, most browsers have included functionality to Save Login information in order to make it easier/more convenient to move from site to site. 
  • If you use other platforms for Device Syncing (such as G-Suite), then it is possible for your password to be shared with any device that is also logged in to that Platform as you. (If someone Logs into their Breeze account while that computer is also logged into your G-Suite, then their information could be compromised by being available on all of your synced devices.)
  • Role Permissions can be specific to one person or assigned to a group of people. This simply depends on the overall function of the Person or Group. Oftentimes, there are a few people who serve functions that are similar enough to include in One Role. (Ex: Youth Pastor, Children's Pastor, Worship Pastor, etc. could all be assigned the same role. i.e. Ministry Leader Role.) 

Best Practice Suggestions:

  • Autofill functionality should be reserved for your personal machine only. This should be a computer that no one else would use except you!
  • Never log into your Admin User on someone else's computer unless you are certain your Passwords are NOT being saved by the Browser or some external software program. Think of your Password as a Key! Logging into your Admin account on other computers could be potentially "giving your key" to the owners of those machines.
  • Make sure your Role Permissions include the "Logout Automatically" Permission. Timed logouts are a great way to add additional security layers to your account. 
  • Implement the Principle of Least Privilege - This principle states, "Only the minimum necessary rights should be assigned to a subject that requests access to a resource and should be in effect for the shortest duration necessary (remember to relinquish privileges). Granting permissions to a user beyond the scope of the necessary rights of an action can allow that user to obtain or change information in unwanted ways. Therefore, careful delegation of access rights can limit attackers from damaging a system." (per the U.S. Dept. of Homeland Security - https://www.us-cert.gov/bsi/articles/knowledge/principles/least-privilege)
    • The permissions logic in Breeze is meant to give Functionality to a Person or Group based on the specific functionality they have within your ministry. Think of this like a Pyramid - the pinnacle is the Admin(s) [the Smallest group with the MOST permissions.] -- and the Base would be the Members [the Largest group with the LEAST permissions.] Role Permissions would drop off layer by layer as the Role Permission Group gets larger and larger.
  • If you ever feel like your login has been compromised, the best thing you can do is change your password! If you are the Admin, we suggest doing this manually in Users & Roles.
Was this article helpful?
2 out of 3 found this helpful

Comments

0 comments