Sharing documents

Some discussions just don't fit into a well defined box. Use this forum to discuss general topics and issues revolving around the Church and the technology offerings we use and share.
jdlessley
Community Moderators
Posts: 9858
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#11

Post by jdlessley »

dbdarrough wrote:We do however use Google Docs to share spreadsheets where we keep track of Sacrament meeting agendas, todo lists among clerks and bishopric members, birthday lists, members without callings, etc. and it is really useful in that capacity. ... Even though leaders such as RS, YM, YW, etc. have access to this information through MLS printouts, they don't currently have access to this information online and google docs has been a great tool to share that information with those that have the right to see it.
(bold added for emphasis) Confidential data such as membership data should not be stored on a third party server. The right to see confidential data does not supersede responsibility to protect that data. Protecting confidential data is why it should not be stored on a third party server. When third party servers are used to store data the Church cannot control the security of that data or who can gain access to it.
dbdarrough wrote:I actually contacted Church HQ to ask specifically about dropbox and google docs and was told that it was fine so long as it was secure and being used only for sharing documents among leaders, not to create a web presence for our ward.
What office, or who, at CHQ gave you that information? It would be nice to know what type of documents and what information or data would be included on those documents you asked about. Because I doubt that anyone in authority would have given approval to store confidential data on a third party server.
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
DBDarrough
New Member
Posts: 8
Joined: Thu Sep 08, 2011 9:27 pm

#12

Post by DBDarrough »

jdlessley wrote:(bold added for emphasis) Confidential data such as membership data should not be stored on a third party server. The right to see confidential data does not supersede responsibility to protect that data. Protecting confidential data is why it should not be stored on a third party server. When third party servers are used to store data the Church cannot control the security of that data or who can gain access to it.

What office, or who, at CHQ gave you that information? It would be nice to know what type of documents and what information or data would be included on those documents you asked about. Because I doubt that anyone in authority would have given approval to store confidential data on a third party server.

[font=&quot]I called the Clerk Assistance and Instruction (Membership), telephone 801-240-3500 to ask about Dropbox and Google docs. I am our Ward Assistant Clerk over Membership in the Grandview 8th Ward.

1) I explained that we wished to use Dropbox to store MLS backups on the cloud automatically whenever they were saved to our local MLS Dropbox folder. We were using a USB flash drive for backups but trying to keep backups offsite when multiple clerks and bishopric members used the MLS computer throughout the week was becoming virtually impossible. It was always "Who has the USB flash drive and how do you keep it offsite if multiple people need to do backups?" and so instead of being offsite it basically sat in the drawer in the clerks office. Kind of pointless as an offsite backup, right? We even considered multiple flash drives for each person that does backups but that compounds the problem and chance of errors. But as I said, even though dropbox is more secure and reliable than any flash drive and is backed up regularly on their servers as well as our personal hard drives as soon as we logon, we couldn't get it to work consistently without modifying the Church's computer so we went back to the flash drive. To be clear, the problem was not with Dropbox but rather the Church's strict policies on the ward computer. This means we don't have an offsite backup solution that consistently works or is realistic to implement and simply leave the flash drive in the clerk's office.

2) I also explained that because the only people that have access to Leadership Resources currently are basically Bishoprics and Clerks, we wished to use Google Docs to have a common location for basic documents that all the leadership are allowed to access which we update weekly. These include Members without Callings, Members with Callings, Callings by Organization, Birthday List and Abbreviated Directory of Members as well as some spreadsheets we created to list Sacrament Meeting agendas and various todos among the Bishopric, clerks, etc. Each document/collection is only shared with those leaders that have full access to that document via MLS and are secure and require passwords through Google Docs. To be clear again, the only people with access rights to these shared Google docs are leaders who have access rights on MLS or have rights to that particular document, and Google docs is much more secure and reliable than 50+ printed copies being handed out each week of those documents to every organization head. They need access to that information in order to serve, fill positions and contact members.

I'm not sure who I spoke with (it was a few months ago) but I was told that using Google Docs as a tool to share information didn't violate any policy the Church has in place. We are not creating a ward website or other web presence or blog that anyone in the world or even average ward members can access. We are simply using secure technology to serve in our callings. This is no different than a Bishop or other leader sending emails with confidential information about ward members and is much more secure than a printed document that can be lost or simply passed around to those that really shouldn't have access to it. Clearly email systems go through servers and that information is stored in the cloud when you use Gmail, Yahoo email, etc. To say that somehow Gmail is ok but Google Docs (same company and systems) is not seems absurd.

If I sound frustrated it is because sometimes it feels as if Salt Lake lives in a bubble and doesn't get that in the real world these policies sometimes hinder rather than help us serve in our callings. The idea that we are trying to "supersede responsibility to protect that data" as you put it is frankly insulting. We chose to use Google Docs, after talking with Salt Lake, specifically because it is a more secure and proven technology when compared to the problems we have had with MLS being out of sync with the LDS.org website and because Salt Lake has given us no alternative tools. Without these technologies the work in our ward would grind to a halt in many ways. [/font][font=&quot]To give you an example or two, the Grandview 8th Ward family ward has within just our ward boundary over 18 Young Single Adult Wards from 3 different Stakes. Again that is 18 complete wards from 3 different stakes all within just our Grandview 8th Ward boundary! Some of these YSA wards are laid out so that 4 connecting apartments within a single building in an apartment complex go to 4 different wards. (Explain the logic of that to me). To make matters worse, if someone is single and 18-30 and moves into our Ward Boundary area or looks their address up on LDS.org to find their ward, their membership records are not sent to the YSA ward, they are sent to us and we have to figure out where to send the records. We have massive turnover in our ward every week from move ins/outs and Salt Lake sending us records that don't belong to us. Our ward also has an extremely high turnover rate and in the past 3 months we have seen changes in our 1st and 2nd counselors in our Bishopric, our Executive Secretary, multiple ward clerks, the RS and Elder's Quorum Presidents and the Sunday School president and that is just the leadership changes. Without these tools which we called Salt Lake and got approval to use, we couldn't begin to function in our callings efficiently, to fill the large number of positions that turn over weekly and to get the information to the new leaders that they need to serve. These tools are a blessing.

I am sure we are not alone in using these types of tools to serve in our callings, in fact I know that many wards use these same tools which is why people are asking about them in this forum. Like Gmail, where confidential leadership communications and attachments are stored on Google's servers, tools like Google Docs can be a benefit and blessing to those who serve and are secure. I called Salt Lake and received guidance that these tools didn't violate any church policies. I look forward to the day when the Church provides a simple shared storage space for wards or grants RS, YM, YW and other leaders access to the same information they can get on MLS but until then and until the Church instructs us to stop using tools like email, Gmail, Yahoo mail, Google Docs or any other similar technology that stores data on servers in the cloud, I'll continue to use these tools to serve in my calling and feel good about doing so.


[/font]
kisaac
Community Moderators
Posts: 1184
Joined: Sun Oct 21, 2007 6:04 am
Location: Utah, united states

#13

Post by kisaac »

dbdarrough wrote:We are simply using secure technology to serve in our callings.
I guess that is what the argument is about, in a nutshell. We just need to be sure we are all educated and careful as more and more information comes "on-line" and is shared.

We've had these discussions repeatedly about google. Lets not make any mistake...Google is convenient, productive and a huge help as we make our "presidencies" an online workgroup, but it is NOT secure technology. A small example...
http://googledocs.blogspot.com/2009/03/ ... email.html
Yesterday we contacted some of our users to let them know about an issue that affected their Google Docs accounts. We believe the issue affected less than 0.05% of all documents, but, in the interest of transparency, we wanted to share the details more broadly.

As we noted in the Google Docs Help Forum yesterday, we've identified and fixed a bug where a very small percentage of users shared some of their documents inadvertently.
Would that scare you about those documents you store there? And there are far more issues than many of us realize about online security, because this is all new to many of us. Is every one in your "workgroup" wise to technology and on-line safety? Your security is only as strong as the weakest "link."
  • Do they each have very good secure passwords, or might one of them have a password that is also their first name, and thus easily guessed?
  • Do any of them EVER access your docs (and email) out "on the road," and are they sure their connection is secure at hotels, airports and restaurants. Do they know the difference-HTTP and HTTPS? Could their device be stolen and data accessed?
  • Is their home computer secure from "wireless-snooping neighbors," spouses and children's eyes? It's very common for spouses in my unit to share their google email account, and thus their google docs. "She/he never looks...." Hmmmm.
  • The list goes on: When they delete sensitive emails and files, do they do so securely or just move them to the trash? Do they have personal ward information (names, addresses, etc) on smart phones, ipads, laptops, or jump drives that are easily stolen?
And you are right...printing out 12 copies of an agenda that has sensitive issues on it, which can be thrown in an insecure trash instead of shredded, left on pew in the chapel, or left on the kitchen table at your house. Yes, many of the issues are the same.

I had an errand to do at my stake clerk's office yesterday. The doors were all propped open, as somewhere in the building a carpet cleaning company was working. I walked into my office, never needing the key in my pocket, stayed there for about ten minutes, and did what I needed to do, and left, without ever seeing anyone. I could have been anybody, and taken anything, or saw anything, and NOBODY saw me come and go. Do we keep all checks and recommend books (back-up USB drives?) under lock and key as required, at all times- I checked, and everything was in locked cabinets THAT DAY, but is it always? But there were plenty of "sensitive lists" around....

I'm not saying you shouldn't use google docs, because I use it as well. I'm suggesting that we all use caution in everything we do. I consider anything with a name or a phone number, "sensitive." And I hope I'm always erring on the side of caution. From making sure the doors are locked in the building, files are shredded when they need to be, personal ward information is not being kept on personal devices when it shouldn't be...
We need to keep secure information, secure.
russellhltn
Community Administrator
Posts: 34417
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#14

Post by russellhltn »

dbdarrough wrote:We were using a USB flash drive for backups but trying to keep backups offsite when multiple clerks and bishopric members used the MLS computer throughout the week was becoming virtually impossible.
I don't know of any requirement to keep a backup on USB, much less off-site, that up-to-date.

Also, since dropbox involves installing software, your Stake President would need to approve the installation of the software according to Policies and Guidelines for Computers Used by Clerks for Church Record Keeping
dbdarrough wrote:This means we don't have an offsite backup solution that consistently works or is realistic to implement and simply leave the flash drive in the clerk's office.
If you assign one person to do a backup and keep the flash drive on their person, that will satisfy the off-site requirement.

The subject of Google docs has come up many times. As long as the information is not confidential, it's not a problem. However, the uploading of MLS reports would seem to run afoul of specific advice that Tom has given us in the past to not upload any MLS data to third party servers. (Sorry, I'm having trouble finding that post right now. Someone else should be able to find it.)

dbdarrough wrote:Without these technologies the work in our ward would grind to a halt in many ways.
As someone who got started in clerking before local units had computers, please pardon my scepticism. It may not work as you would like it, the work may be slower then desired, but it would not halt.
dbdarrough wrote:I'm not sure who I spoke with (it was a few months ago) but I was told that using Google Docs as a tool to share information didn't violate any policy the Church has in place.
Which was fine to the extent that that's what you were told and what you are following. However, I'd almost bet that if you called again today and talked to someone else, you'd get a different answer. The person you talked to was most likely a first-level support person and answered to the best of their ability, but may not have given the best answer. The biggest objection I have is sharing an answer of uncertain origin with everyone else as "acceptable use".
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
User avatar
aebrown
Community Administrator
Posts: 15153
Joined: Tue Nov 27, 2007 8:48 pm
Location: Draper, Utah

#15

Post by aebrown »

RussellHltn wrote:The subject of Google docs has come up many times. As long as the information is not confidential, it's not a problem. However, the uploading of MLS reports would seem to run afoul of specific advice that Tom has given us in the past to not upload any MLS data to third party servers. (Sorry, I'm having trouble finding that post right now. Someone else should be able to find it.)

Here are some posts that are relevant:
WelchTC wrote:I want to remind everyone that the Church has a policy about exporting information from MLS or LUWS and importing that same data into a server not officially sponsored and supported by the Church. You can use the data on your own "controlled" and "secure" PC's, laptops, and PDA's. However you are not allowed to host sites for your ward that would utilize this exported information.
WelchTC wrote:As a reminder, never upload information that you have downloaded from MLS or LUWS to a 3rd party server (unless it is an official Church server).
ChildsDJ wrote:...the policy states that all information should be kept secure and confidential. I look at it like there is no difference in membership information, home teaching, etc. that is printed out and stored in a binder and the binder is taken home and putting the information on a PDA.

We definitely do not want information housed on a 3rd party server. However, if there are any questions that are not clear enough, please post and I can find better answers.
Questions that can benefit the larger community should be asked in a public forum, not a private message.
DBDarrough
New Member
Posts: 8
Joined: Thu Sep 08, 2011 9:27 pm

#16

Post by DBDarrough »

First, I appreciate the points you made regarding security. I want to be secure, our ward leadership wants to be secure and CHQ wants us to be secure. I think what made me respond the way I did was the accusation that we at the local level were somehow superseding our responsibility to protect confidential data by using tools like Google Docs and that we didn't care about security.

Regarding the security of tools like Google Docs though, especially in light of the personal examples you gave from church and that we have all experienced, I would have to respectfully disagree that Google Docs, Gmail or similar tools are somehow less secure than the Church's tools and policies. The example you gave of Google Docs security from 2009 was an extremely isolated case that affected less than 0.05% of all documents two years ago and then only after a very specific sequence of steps that had to occur. And because it was Google, the problem was identified and fixed within hours. My personal experience with the bugs and problems with the Church's systems, MLS, websites, etc. is that they are not 1/100 as reliable or secure as Google's tools are. No system is perfect but I trust Google's security hands down over policies like hand printed copies and the other weaknesses you mentioned. So I would respectfully say, by comparison, Google Docs and Gmail ARE secure.

I also would still love for someone from CHQ to explain how using email to send confidential messages back and forth and which are stored on servers in the cloud is somehow secure but tools like Google Docs aren't. Gmail and Google Docs both use the same logins and security to protect access and both save their information on Google servers in the cloud. So why is Google Docs not secure but Gmail is secure?

All of the issues you raised about secure passwords, secure remote access at hotels, etc., apply equally whether we are talking access to LDS.org, MLS or Google Docs. Those issues are not a specific weakness to any of the tools we are discussing, they are general safety rules that affect Church sites as well.

It seems that CHQ is straining at a security gnat with regards to isolated cases from 2 years ago with Google Docs while at the same time swallowing security camels left and right with regards to policies and weaknesses in the day to day real world way wards work at the local level. I am not excusing anyone for leaving doors open, computers logged in, leaving printed copies of confidential documents on pews, etc. but those by far outweigh any security breaches of Church data that occur from Google Docs and other tools. Using Google Docs has allowed us to eliminate many of these far greater security risks. Again, I reiterate, these tools are a much more secure way to share information with ward leaders than many of the policies that have built in weaknesses due to human nature.

One last point. I went back and read again the Handbook 2 regarding Internet usage as it relates to Members Use of the Internet in Church Callings in section 21.1.22. Without quoting it directly, not only is there nothing prohibiting the use of these tools, in fact it even says we can create individual websites and blogs so long as it is clear we are not officially representing the Church. At the end of the section it suggests further guidance can be found on LDS.org searching “Internet Usage Helps for Members". At that site, which isn't the Handbook so I'll quote, it says "When used appropriately, electronic communication, such as e-mail and Internet postings, can help Church members coordinate the work of the Church, strengthen faith, and minister to the needs of others." Further down in the section Personal Internet Use in Church Callings it says that we can in the course of serving in our callings "Use personal information found in stake and ward directories or other Church records only for Church purposes. This information should be shared carefully and only with those who need to access it to fulfill Church callings and assignments." That is exactly what we are talking about here. And I imagine, that is why, when I called CHQ and spoke with Clerk Assistance and Instruction (Membership) at 801-240-3500 that I was told it was OK to use tools like Google Docs to further the work of the Church.

I hope that you'll look into this because clearly we are getting conflicting, though well meaning, messages from this forum. It seems that the Handbook, LDS.org and those that I spoke with at CHQ all support the points I am making. If I am wrong, then their needs to be changes made to all three of those resources and probably a church wide announcement like the one that eliminated ward websites not on LDS.org a few years back.
User avatar
aebrown
Community Administrator
Posts: 15153
Joined: Tue Nov 27, 2007 8:48 pm
Location: Draper, Utah

#17

Post by aebrown »

dbdarrough wrote:It seems that CHQ is straining at a security gnat with regards to isolated cases from 2 years ago with Google Docs...

Just to clarify: no one from CHQ mentioned the Google Docs security issue from 2 years ago. Those posting on this thread are simply members of the LDSTech community. So although there references to Church policy, the interpretations posted on this thread are simply personal interpretations. Those opinions may provide helpful insights, but they are not official policy themselves.
Questions that can benefit the larger community should be asked in a public forum, not a private message.
DBDarrough
New Member
Posts: 8
Joined: Thu Sep 08, 2011 9:27 pm

#18

Post by DBDarrough »

RussellHltn wrote:I don't know of any requirement to keep a backup on USB, much less off-site, that up-to-date.
Here is a link to the offsite MLS Backup policy on the LDSTech wiki:

https://tech.lds.org/wiki/MLS_backup#cite_note-0

The section on offsite backups states: "Church policy requires that some backup files be stored off site.[1] It is prudent to establish a regular schedule of taking floppy disk or flash drive backups off site. This protects against the risks of fire, vandalism, theft, and natural disaster."
RussellHltn wrote:Also, since dropbox involves installing software, your Stake President would need to approve the installation of the software according to Policies and Guidelines for Computers Used by Clerks for Church Record Keeping
As I stated, we do not use dropbox specifically because it would have required adding software and/or modifying the computer firewall to allow access. We simply didn't want to go through the hoops to get the necessary permissions and went back to using a flash drive.


RussellHltn wrote:If you assign one person to do a backup and keep the flash drive on their person, that will satisfy the off-site requirement.
Apparently your ward doesn't have 5 different clerks as well as Bishopric members that access the computer throughout the week and are prompted to create a backup before exiting. If the whole point of having a backup is so that nothing will be lost if we need to restore our system then that backup needs to be done every time we are prompted which is throughout the week by multiple people. One person can't be the sole possessor of the flash drive.
RussellHltn wrote:The subject of Google docs has come up many times. As long as the information is not confidential, it's not a problem. However, the uploading of MLS reports would seem to run afoul of specific advice that Tom has given us in the past to not upload any MLS data to third party servers. (Sorry, I'm having trouble finding that post right now. Someone else should be able to find it.)
Hopefully my links to the relevant sections in the Handbook and LDS.org site on [font=&quot]“Internet Usage Helps for Members" in my post above clear up that it is OK, at least according to those documents and what I was told by CHQ when I called to share these documents on the internet with those that have a right to view them.[/font]
RussellHltn wrote:As someone who got started in clerking before local units had computers, please pardon my scepticism. It may not work as you would like it, the work may be slower then desired, but it would not halt.
Wow, another insult rather than a productive comment. I realize that we used to do everything by hand with carbon paper copies but I don't see how suggesting not using technologies to speed up the work and be more efficient is a good thing.
RussellHltn wrote:Which was fine to the extent that that's what you were told and what you are following. However, I'd almost bet that if you called again today and talked to someone else, you'd get a different answer. The person you talked to was most likely a first-level support person and answered to the best of their ability, but may not have given the best answer. The biggest objection I have is sharing an answer of uncertain origin with everyone else as "acceptable use".
Again, wow, another insult on this forum. You did not speak with the person I spoke with, don't know if it was the highest authority available, or who they talked with to get the answer they gave me etc. yet you feel qualifed to share with others your "answers of uncertain origin" and speak about a conversation you were not a part of. Please stop.
DBDarrough
New Member
Posts: 8
Joined: Thu Sep 08, 2011 9:27 pm

#19

Post by DBDarrough »

aebrown wrote:.... Those posting on this thread are simply members of the LDSTech community. So although there references to Church policy, the interpretations posted on this thread are simply personal interpretations. Those opinions may provide helpful insights, but they are not official policy themselves.

Good to know. I appreciate everyone's input and don't want to be critical of those willing to help others on this forum. I realize we are all volunteers and contribute here as a service to others. But I am glad you clarified that this forum is not the official church response to this or any other issue.
russellhltn
Community Administrator
Posts: 34417
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#20

Post by russellhltn »

Before I begin, one note on the titles. When you see the word "Community" in the title, that's not a employee or other representative of CHQ. It's simply a member who has been called to maintain the forum.

I'll also note that there is some gray area, and we tend to be conservative in our personal interpretations.

Church employees are usually identified by a badge icon under their name.

dbdarrough wrote:Regarding the security of tools like Google Docs though, especially in light of the personal examples you gave from church and that we have all experienced, I would have to respectfully disagree that Google Docs, Gmail or similar tools are somehow less secure than the Church's tools and policies.
I believe the issue is one of control. The church has control over it's tools and has employees that are responsible for their security. With any 3rd party, all they can do is trust that they are living up to their commitment to security. The church has no control over the internal situations that in time could cause a security lapse.

If the church has a legal obligation to maintain the security of the information, they may be unwilling to accept responsibility for a third party.
dbdarrough wrote:I also would still love for someone from CHQ to explain how using email to send confidential messages back and forth and which are stored on servers in the cloud is somehow secure but tools like Google Docs aren't.
I'd be careful about that line of logic, since I don't remember seeing anything that says email IS acceptable for confidential communication. In fact, looking at one of the webpages you mentioned, I find "Safeguard personal information. It should not be included in electronic messages, such as e-mail, text messages, or instant messages." (emphasis added)

Again, we're not saying that you can't use email or Google docs as part of your calling. The question is what material is appropriate to share via those means.
dbdarrough wrote:I am not excusing anyone for leaving doors open, computers logged in, leaving printed copies of confidential documents on pews, etc. but those by far outweigh any security breaches of Church data that occur from Google Docs and other tools.
I see a difference from a liability standpoint. Given the prohibition on legal discussion, I'll leave it at that.
dbdarrough wrote:Further down in the section Personal Internet Use in Church Callings it says that we can in the course of serving in our callings "Use personal information found in stake and ward directories or other Church records only for Church purposes. This information should be shared carefully and only with those who need to access it to fulfill Church callings and assignments."
Interesting find. The statement is accurate, but I can see your point about the placement in that section.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
Post Reply

Return to “General Discussions”