Ransomware is a serious threat that costs a lot of unbudgeted dollars to fix. Effective protection is available! Here’s what I recommend. Ransomware is not like most malware threats that slip into systems under the radar. Ransomware is a malware that must be invited in. Here are three steps that will raise your protected status to “very high.”

XPastor note: this article has sales information in it, which we normally don’t include. In light of the huge threat and cost of ransomeware, those items are included in this article. This is an urgent issue for churches to deal with.

Step 1

Because ransomware must be invited in by a user of your system, it is essential to train your staff on how to recognize malicious links and avoid them. A better way to think of that may be to train your team to recognize good email and website links, so they know to avoid those that are different.

The best tool we’ve found for that is a solution called KnowBe4. Here’s what I wrote about them in my most recent book, Church IT (note 1):

We have many team members who feel they are too busy or can’t be bothered with learning secure email practices.

Many feel they know what they’re doing already anyway.

Many of those same people are the very ones who click on links in email that infect their computer or, worse, the network drive. Some get their identity stolen or, again even worse from an organizational perspective, transfer tens of thousands of dollars because someone duped them into believing the pastor or ministry leader wanted—or needed—them to.

Welcome to the rescue, KnowBe4. This service lets you set up an account and campaigns that sends your team emails that look real, but are actually spam. Anyone who responds inappropriately (such as by clicking a link or completing an embedded form) gets put into a kind of limbo, which he or she can only escape by watching a short, well-done online video explaining what he or she did wrong.

KnowBe4 is “best of breed,” and we recommend subscribing to the Platinum Tier. Note: My firm was able to negotiate a great discount with them for churches and ministries. Any church or ministry that contacts KnowBe4 at 855.566.9234 or [email protected] and say MBS, Inc. referred it, will receive a 55% discount. MBS does not profit from this or any other transaction for a solution we recommend.

Step 2

Malware threats are everywhere. Websites, emails, text messages. Wisdom suggests it’s best to protect with the best tools possible. We recently moved our anti-malware spec to SentinelOne. Instead of relying on malware signatures (which are databases of known threats), it uses artificial intelligence (AI) to protect from malware agents, even those that are too new to be in malware signature databases.

Through an arrangement with our preferred solution distributor, pax8, and because my firm (MBS) isn’t allowed in its by-laws to make money on hardware and software it recommends, Christian churches and ministries are able to get SentinelOne Control for about $3 per computer per month! There are a couple of caveats:
To get SentinelOne Control for that low price, you need to setup a pax8 account via the form at pax8.mbsinc.com. Doing so is not restricted to MBS clients! Any Christian church or ministry can do this!

SentinelOne Control is not a simple installation. You may have an IT department who can do it, or an IT vendor who can. If not, MBS is available to help at its normal hourly rate. To get help from MBS, email [email protected].

Step 3

If ransomware somehow gets through your defensive lines of training and protection, your best last-line-of-defense is having a good backup strategy. Whether onsite or online, being able to restore your data and systems to a moment before the ransomware hit and began encrypting files is the shortest and least expensive path to restored ministry.

Our favorite backup solution is Veeam. It is fast, capable, and reliable. So much so that when we launched our online backup service, we chose to base it on Veeam’s solution!

Ransomware is scary, but it can be well-fought and even overcome with these three strategies in place. Remember that ransomware is a malware that must be invited in.


  1. Church IT: Using Information Technology for the Mission of the Church