Website Security Practices
How we protect our digital platforms and your data, and maintain a safe online environment for ministry and community connection.
🔒 Simplified Summary
We take the security of our website and your data seriously. Our systems are monitored, updated, and maintained according to current best practices. No system is perfect, but we work proactively to keep this site safe for visitors and ministry users.
1) Purpose
This policy outlines the measures Yates Baptist Church takes to safeguard its digital platforms—including yateschurch.org, subdomains, and related services—from unauthorized access, data misuse, or disruption.
Our goal is to ensure reliability, trust, and resilience in all online ministry activities.
2) Hosting Environment
Our website is hosted through a secure U.S.-based provider using:
- Encrypted connections (HTTPS/TLS 1.3) for all site traffic.
- Daily server backups retained on secure, access-controlled systems.
- Automated malware and intrusion detection, monitored by the hosting provider.
- Least-privilege access for staff, limited to authorized roles.
3) Platform and Software Maintenance
The Yates website runs on WordPress with a controlled plugin environment. We maintain security through:
- Regular core, theme, and plugin updates following version control testing.
- PHP runtime updates aligned with hosting recommendations.
- Routine audits for deprecated or high-risk plugins.
- Hardening measures such as limited login attempts, reCAPTCHA v3 protection, and firewall enforcement.
Administrative access requires secure authentication and is restricted to designated staff and developers.
4) Data Protection
Sensitive or personally identifiable information collected through forms (e.g., contact forms, giving portals, registrations) is:
- Transmitted over SSL/TLS-encrypted connections.
- Stored securely in cloud systems compliant with relevant data protection laws.
- Never shared or sold to third parties.
Where third-party platforms are used (e.g., Realm, Square, Google), their respective security and privacy standards apply. See our Privacy Policy for more details.
5) Account and Credential Management
For authorized users with administrative or editor access:
- Accounts use unique credentials and strong passwords.
- Two-factor authentication (2FA) is required where available.
- Access is revoked promptly upon role change or staff departure.
- Passwords are never stored in plaintext or shared by email.
Routine access reviews occur at least twice per year.
6) Incident Response
If a breach, unauthorized access, or data loss is suspected:
- Immediate containment measures are taken (account suspension, firewall isolation).
- Hosting logs and database integrity are reviewed.
- A report is filed internally and escalated to the Communications Office.
- Affected users or partners are notified when appropriate, in compliance with applicable law.
We also maintain written protocols for communication and recovery in collaboration with our hosting provider.
7) Vulnerability Reporting
We welcome responsible disclosure of potential security issues. If you discover a vulnerability, please report it privately by emailing info@yateschurch.org.
Include:
- A clear description of the issue.
- Steps to reproduce.
Do not attempt to exploit the issue or access data.
We will acknowledge receipt within five business days and work promptly to review and resolve the matter.
8) Continuous Improvement
Security practices evolve with technology and threats. We conduct periodic reviews of:
- Hosting configurations
- Plugin and dependency integrity
- Administrative access lists
- Backup and recovery processes
Significant updates are documented on the Digital Trust overview page.
