Why Hubb?
An overview of the benefits and services Hubb can provide for your church or ministry.
Testimonials
Hundreds of churches and ministries are using Hubb. See what our customers say.
Charity Work
A key part of our strategy is to sow seeds outside of our own company.
Security
A robust and secure platform to manage your church operations with confidence.
Brochures
View our brochures online or download as PDFs for offline viewing and printing.
Blog
Check out our blog for helpful articles, system updates and latest news.
Partnerships
Significant discounts for organisations, groups and dioceses representing multiple churches.
About Us Our Team Press and Media Service Status
Church Website
Manage your church website with our easy to use content management system (CMS).
Church App
Communicate and engage more effectively with your church members and wider contacts.
Church Admin
Use our church admin tools to be efficient, save time and focus more on your mission.
Communications
Use Hubb to connect and engage with people better than ever before.
Managing People
Support your groups and ministries with our people management features.
Church Finance
Take online donations, import offline giving, and claim Gift Aid on everything.
Website Templates How it Works Demonstration website
Website Services
Helping churches maintain their websites and keep their content up-to-date.
Domains and Emails
Take advantage of our simple and affordable domain and email hosting services.
Creative Design
Our design team can help with your branding, printed materials and publicity.
Customer Support
If you have a question or need a hand, our support team are here to help.
Logo Design Contact Us
Email: hello@hubb.church
Phone: 01223 790222
 

Blog

 
 

Helpful Security Tips for Church Websites and Member Databases 

As reported recently, some large organisations have been affected by security breaches. Below, I explain our security and provide some helpful tips. 

security1

While we are doing everything we can to bolster our security efforts, there are also ways you can contribute.

Spoiler Alert - Use our 2-Factor Authentication for Web Office users. Read more below.

About Hubb Security

You can always visit www.hubb.church/security to review the information we have about our setup. The highlights include:

  • All pages on your site and the web office are fully encrypted with SSL using HTTPS.
  • Passwords are encrypted and stored in the database via a one-way salted hash. Secure password links are sent using time-sensitive, single-use email authentication.
  • All personal data stored on our servers is encrypted at rest.
  • We have continuous upstream DDoS mitigation, and our servers are constantly analysing incoming traffic using automated algorithms that automatically blacklist IP addresses originating any attacks on our servers. Our servers are up-to-date with all the latest security patches and only accept connections using the latest cyphers. Firewalls block all non-essential ports. 
  • We run regular automated security scans on our servers (including the OWASP Top 10 list) and periodically engage CREST-certified penetration testers for manual testing. We are rated grade A and A+ on industry-recognised security checking providers.
  • You can use our Multi-Factor Authentication feature, which you can see below.

Tips and things to consider


security2

Regularly resetting passwords
We strongly advise everyone to update their passwords regularly, not just their Hubb passwords, but all their passwords for their online services.

Even if you haven’t been hacked, companies you use might have been. If your password is leaked and you don’t change it, hackers can log into your account or try that password on other websites. 

By changing your passwords on sites you use, you protect yourself. 

Action: Why not update your most-used passwords and set a reminder every 3 months to update some others

Having more secure passwords
We are sure you will have strong passwords, but this is a good time to remind you to keep them strong. Weak passwords are easier to guess.

Tip - If your favourite password is ‘cambridge’ Don’t just captilise the first letter, then use the number 1 at the end of a password and then add an exclamation mark. This is no way to outfox hackers.

I’m not saying this is the most secure, but you could try something like this for your Facebook login - camBridgeFB7” and for Amazon - camBridgeAM7”. You can see I have placed the letters from the service in the password. Again, I’m not saying this is the most secure, but I hope you can see it’s helpful to have different passwords for different services that cannot be easily guessed.

Changing the capitalised letter and the number every six or twelve months would be an excellent discipline. I know it takes time, but it’s time well spent in today’s world. 
 

Multi-Factor Authentication

We strongly recommend exploring and enabling our multi-factor authentication feature for enhanced security when logging in to the web office.

Users frequently reuse passwords, which means that if one site is compromised and passwords are stolen, the hacker has access to numerous other sites where the same password was used.

Multi-factor authentication significantly reduces the risks associated with this because, when logging in, we check something you know (a password) and something you have (a device). A hacker may have your password, but they cannot log in without being able to enter the 6-digit code generated by your smartphone or another device.

To enable Multi-Factor Authentication for web office logins, go to Site Settings > Site Configuration and update the setting under Login Security.

For help and questions, please email us at support@hubb.church.

security2