Home

Is My Data Safe?

 We use the same security measures as online banking websites, and are constantly improving as new approaches become available. Some of the security measures we have taken:

- All parts of the website that allow payment with a credit/debit card use an SSL digital ID so the donor will see the closed padlock icon in their web brower.  Each of our clients gets their own SSL digital ID, never shared. 

- All passwords are encrypted in the underlying database using an industry-standard encryption routine.

- Each individual gets their own user name and password, where not even the staff can view their password. For example: each child or teenager in a family gets their own user name and each adult also gets their own user name. Teenagers and children cannot see their parents financial history.

- Even though we support automated credit card transactions, we NEVER store the credit card data in our system. Virtually all other synagogue software packages store credit card numbers in their databases, which is a tremendous liability for you. 

- Our data center is SSAE 16 compliant. Click here to read more details.

- Each user logging in has a "role" or "roles" in the system that governs what they are allowed to see and do. These roles can be very fine grained, so that each person only has access to areas relevent to them and nothing more.

- Changes to contact and financial records are logged, including who made the change and exactly what was changed,

- The data center has numerous firewalls and other security devices designed to protect the entire network. Click here to read more about the data center security

- Each of our clients has their own installation, database and file system area. Our software is not "multi-tenant".

- Each of the Pogstone servers ONLY has other Pogstone clients running on that server. Some clients choose to pay a premium to have a their own server in the Pogstone data center.

- Our data center partner, a company called Liquid Web, runs many hardened data centers with top notch security and 24/7 monitoring. You can learn more about Liquid Web at www.liquidweb.com/datacenter/

- Our data center partner runs 3 physical data center buildings, so if there is an issue at one building the system can be seamlessly moved to another building. In the event this is necessary, downtime would be 30 -60 minutes.

- Within any of the buildings, all our software can be seamlessly run on any server in the building so there is no single point of failure.

- Pogstone in concert with LiquidWeb does 24/7 monitoring of the Pogstone servers.

- We always retain last night, last week, and last month backup and Pogstone can restore from these backups on request.   You can also download a nightly backup of your database to your own environment. 

- Our solution is sustantially more secure and reliable than storing financial data on a PC connected to the Internet, where that PC is susceptiple to viruses, malware, hacking even when no one is using the PC. In most cases, nonprofits cannot afford the types of security measures to protect their own equipment that large data centers like Liquid Web use to protect their servers. 

- The day you connected your organization's office to the Internet, you created the risk of being hacked from someone outside the office. Does your organization's network have robust intrusion detection? Application and network firewalls? 24/7 monitoring?   If your organization's network was hacked, would you even realize it?

- You may have heard rumors that the Internet/cloud is not secure at this time, and have read about hacking at large companies. We can not speak for all data centers on the Internet, but we can speak about our Pogstone data center and the robust security measures we have taken.   Also, even if you are not on the cloud, virtually all banks are already on the Internet, and have been for years.  Plus virtually all organization offices are already connected to the Internet, which means you face the same, or worse risks even with a desktop solution.    

- We have robust controls that apply whenever a member changes information. First, the office can prevent people from making any change at all, or only permit member changes to a handful of select fields.  Any time a change is made by a member, the office gets an immediate notification as well as various reports.    The office can review reports that show the exact change that was made, by who, and can revert the change as needed.   These robust change logs and reverting tools are helpful even within the office, if a staff member has made a mistake.

 

 

  • Login or register to post comments

Share this page!

spacer

Website developed by Pogstone Inc.
Related searches:
center security office internet change
gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.