“It’s freed up extra time, and it leaves us with a lot of peace of mind.”
Christ’s Church of the Valley
Over the past decade, Christ’s Church of the Valley (CCV) has grown from one to 12 campuses in the Phoenix Metro Area, with four more in the works. That growth leads to more computers, servers, and, unfortunately, more vulnerabilities to cyberattacks.
As CCV's IT Director for 11 years, Chris Holub has played an important role in the company's growth. CCV operates with a small IT team that takes care of day-to-day technology issues. As CCV continues to grow, Holub decided it was time to bring in One Step Secure IT to help keep up with server updates and maintenance.
After CCV suffered a ransomware attack about 5 years ago, cybersecurity became a priority, but CCV’s team wasn’t large enough to cover all the bases.
In short, CCV was hit with ransomware, a type of malware growing in popularity with cyber criminals. The ransomware encrypts data until the demanded ransom is paid. If you’re lucky, cyber criminals give you the encryption key after they are paid. Some people aren’t so fortunate and lose everything anyway.
“We lovingly refer to it as Hacks-giving because it happened around Thanksgiving,” Holub said. “I got woken up by my phone constantly buzzing — it was my systems administrator frantically texting everybody because he couldn’t get into anything and all of our servers had some sort of message demanding payment… it was bad.”
Once the cyber criminals gained access to one remote desktop computer, they had access to all of them. With the CCV server under the control of the hackers, church leaders found themselves worried about sensitive data loss, extended downtime, and wondering if they would ever recover critical information. After weighing their limited options, CCV decided to pay the ransom in Bitcoin and considered themselves lucky after receiving the encryption keys.
“They could’ve just taken the money and ran,” Holub said.
Even with the encryption keys, gaining access to their data again was difficult. They had to run the 12 encryption keys on over 30 different servers.
“It was very painful, to say the least, and time-consuming,” he said. “That’s when we started taking a hard, hard look into our security and what we needed to do to shore it up.”
The Most Costly Loss Was Time
It took the better part of a couple of months before CCV’s systems were fully functional again, Holub said. Only one person on their team could do the bulk of the work needed to get their systems back up.
“It was extremely inconvenient and embarrassing at the same time — tough conversations with my boss and other people. It’s just one of those things — after you’ve learned your lesson, it’s always in the forefront of your mind,” Holub said.
Co-Managed IT Resulted in Better Support for CCV Staff
Holub, along with others at CCV decided to outsource some of their IT support after it became clear the internal IT team didn't have enough time to take care of day-to-day issues and keep up with server maintenance. Pivoting to co-managed IT allowed their current IT staff to focus on resolving day-to-day tech issues quickly and better support their staff.
After talking with One Step, Holub saw the advantages of having One Step’s IT experts manage and monitor their systems 24/7. They no longer have to worry about issues arising while someone on their internal team is out sick or on vacation.
“There’s just not going to be gaps,” Holub said.
Why One Step?
After the ransomware attack, Holub knows the importance of having a strong cybersecurity strategy in place. He wanted to make sure his IT partner had a focus and understanding of cybersecurity — One Step Secure IT was the right fit.
One Step Secure IT is a well-rounded IT company with a focus on cybersecurity and compliance.
“IT is just so broad. So it’s great being able to work with people who have the upper-level expertise that you can count on,” he said.
One Step Secure IT’s cybersecurity and IT experts make sure all CCV systems are up-to-date, along with other services, including:
- Network and Security Scanning
- 24/7 Defense
- Employee Security and Awareness Education
Holub finds it particularly valuable that One Step’s team helps with all issues that arise, including those that may fall outside of the initially agreed-upon scope of work.
“I like the ease of being able to work with One Step —whatever the case may be…my guy Tim is going to find a way to help or get us a resource, so I love that.”
“It’s convenient that I can just pick up the phone or shoot an email, and One Step is always Johnny-on-the-spot with taking care of our needs,” Holub said. “It’s freed up extra time, and it leaves you with a lot of peace of mind.”
Having learned the importance of cybersecurity the hard way, CCV will host a cybersecurity roundtable to educate other churches.
“The roundtable is titled ‘cybersecurity is inconvenient,’ but what's really inconvenient is being down for a week or months at a time because you didn’t have your stuff locked down,” Holub said.
With One Step’s help, CCV has server maintenance and day-to-day tech issues taken care of while cybersecurity is at the forefront of all they do.
“Hackers are always evolving in the ways they can get into your systems. You’ve gotta be just as resilient.”
Like What You're Reading?
Subscribe to the Cyber Roundup e-newsletter for useful tips, relevant blogs, insights from experts, and upcoming events.