Church Community Builder

Security Overview

Effective Date: May 19, 2020

Church Community Builder is committed to providing you with the best security for your data. Our main goal is to make your entire community of users feel that we have done everything we can do to protect their information.

We Want Your Staff To Feel Secure

  • as they work with member data.
  • as they invite members and volunteer leaders to be a part of the online community.
  • as they communicate across the Internet.

We Want Your Members To Feel Secure

  • as they update their information (helping their church know when changes occur in their lives).
  • as they share information with staff, group leaders, and the community.
  • as they view and print their own contribution information.

We Want Your IT Professionals And Consultants To Feel Secure

  • by knowing we use a state-of-the-art Cloud Hosting Provider.
  • by knowing we use high-quality 256-bit SSL encryption to secure transmission of data.
  • by knowing we monitor inbound/outbound traffic daily to evaluate security risks.
  • by knowing your data is replicated in real-time to a separate, highly available data center hosted by our Cloud Hosting Provider, and your data is backed up nightly to a separate region of our Cloud Hosting Provider.

Hosting Platform

Your data is one of the most important aspects of the Church Community Builder Solution and we treat it as such. Having great security, resilience, and responsiveness in a solution is important, which is why we here at Church Community Builder have taken every effort to find the best way in which to host your data. The following details provide information about the capabilities provided by the Cloud Hosting Provider’s data centers where the Church Community Builder software is maintained and your live data is stored.

  • Access to data centers is limited to only authorized individuals, and only for the time which they need facility access.
  • Continuous monitoring for unauthorized facility access is performed via video surveillance, intrusion detection, and access log monitoring systems.
  • Audits of over 2600 requirements are performed by external auditors throughout the year to validate compliance with numerous regulatory programs.
  • Fully redundant power systems are built to ensure the availability of systems even in the event of a critical power failure.
  • Water leakage detection systems are implemented to prevent system damage and outages.
  • Climate control systems are in place to maintain acceptable temperatures for the servers, helping prevent system outages.
  • Multiple data centers within the same region with high speed, highly available connectivity between them, allowing for data and system availability, even through a full data center outage.
  • Highly available internet connectivity with scalable throughput.

Application Security

We recognize you are entrusting your data to Church Community Builder, and that it’s critical for your staff, volunteer ministry leaders, and members to have access to this data in a safe and secure manner.

Data Encryption

Church Community Builder uses high-grade 256-bit certificates and modern TLS to encrypt access to our application, whether for user logins, access to user data, or processing of financial transaction data. These enterprise-level certificates, maintained through DigiCert, provide assurance that your data is protected between our servers and your computer.

Account Security

On the user end, we require that every individual login password contain at least one numeric and one alpha character and be at least six characters long to further ensure the security of the data. After five unsuccessful login attempts, a user’s account is automatically locked for a 60-minute period. We also automatically log users out of sessions after six hours of inactivity to prevent unauthorized access.

User Permissions

Church Community Builder was designed to give you control over how each person is able to access your data. This control can be exercised through standard user permissions such as a Limited Access User, who cannot see any people in your database, a Basic User, who can see other listed individuals, or a Small Group Leader, who has access to individuals and data in their groups. If these permissions don’t quite meet your needs, customized administrative users can be granted granular control, with over 100 different areas of the application in which permissions can be configured.

Data Security

Hardware & Software

Security and reliability depend on great systems. Church Community Builder’s solution has been designed from the ground up to implement industry best practices ranging from least privilege to network segmentation. As part of this, security patches for operating systems and installed applications are updated regularly, and systems are also hardened by disabling non-essential services/ports and enabling secure configurations on the operating systems and installed applications.

In addition to building secure systems, we also implement some pretty cool tools to protect against threats to our systems and your data. One of these is a web application firewall (WAF). This tool is built to inspect connections coming into our systems and analyze them for malicious behavior. Depending on the type of threat, the WAF may then present the user with a captcha, or if it’s too risky, it’ll simply block the traffic.

Another type of threat that service providers face is a distributed denial of service (DDoS) attack. These types of attacks may be performed in many ways, but ultimately result in an impact to the availability of a service. To combat this, we have implemented a tool to provide us with DDoS protection. You can be confident that even when something attempts to cause a DDoS against Church Community Builder’s services, access to your data will still be functional.

Scalability

Church Community Builder’s critical services are hosted behind load balancers to enhance availability and throughput. One of the amazing characteristics of Church Community Builder’s software is its ability to scale automatically. As load increases on our software, systems are built to detect the need and power up additional resources to ensure that access to your data is still responsive. Don’t worry, each new resource that is powered up is secured in the same way as our other systems. When these systems automatically power down, there’s never any impact to your data.

Payment Card Industry (PCI) Compliance

When using Church Community Builder’s Payment portal, you can be confident that your payment information is secure. We engage with a third-party assessor annually to validate that our systems are implemented securely and comply with the PCI Data Security Standard. Components of this program include third-party penetration tests, vulnerability scanning, patching, security incident management, daily log review, alerts for critical events, and much more.

For more information on our commitment to you around PCI compliance, please feel free to check out our PCI Compliance article.

Backups

Church Community Builder utilizes multiple methods to ensure that your church’s data will be available to you when you need it. First, and most important, Church Community Builder replicates your data in real time between resilient, secure environments in different data centers owned by our Cloud Hosting Provider. This ensures that if there is a disastrous outage at the primary data center hosting our services, even your most recent updates to data will still have been captured. Second, Church Community Builder also retains daily backups for weeks, and weekly backups for months, in a separate region provided by our Cloud Hosting Provider. In the event of a critical impact to an entire region for our Cloud Hosting Provider, your data will still be recoverable.

Data Ownership

Church Community Builder does not own or have any rights to any data that the customer submits as a result of using the service. Church Community Builder will not monitor, edit, or disclose any information regarding the customer or customer’s database without the customer’s express written permission except as may be required by law.

The Benefits of Software as a Service (SaaS)

Church Community Builder was built from the ground up to utilize the power of the Internet. Gone are the days when it was OK to have an assistant enter all of the church member data and create reports to get that information back out. Churches in today’s world need the ability to empower volunteer leaders to communicate instantly and dynamically and to build community. The traditional church management software cannot provide this; Church Community Builder can.

One of the additional benefits of utilizing Church Community Builder is a built-in Disaster Recovery plan, which would protect your data regardless of hardware issues, office fires, flooding, or other scenarios that might take place at your local church or data center. Any internet access, from any location, will give you access to your Church Community Builder software.

Lower Cost of Maintenance

Your church does not have to maintain the physical equipment or logical systems that ensure security, resilience, and responsiveness that exist when hosting a solution from your church office. Nor does the church have to put additional strain on their IT departments or volunteers to install and maintain applications or infrastructure.

No Cost For Updates

By using hosted software, updates are automatically loaded to your application as they become available, ensuring that you have the latest version. No more manual upgrades or updates to infrastructure or software.