Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.
13 Dec 2022 | |
Written by Toucan Tech | |
Managing Data |
Data security is a critical priority for any organisation that manages or owns data - and it is crucial that all community and member data, as well as any personal information, is securely stored and protected. If you run an online community, having secure data protocols in place will also encourage your community to participate and engage with one another within their own private portal, with full confidence that their data is being protected.
In this article, find out how we protect and store data at ToucanTech, as we answer some of our most frequently asked questions.
Who owns the data?
You do, of course! Silly question, right? Well actually no, not so silly. You definitely need to be confident that your suppliers don’t use your community data for their own commercial purposes. Here at ToucanTech, we are solely a data processor. So whilst we process personal data on behalf of our customers at their instruction, it is still owned entirely by them.
Where is data stored?
ToucanTech stores all data on one of our dedicated secure cloud servers hosted by Amazon Web Services (AWS) with all data remaining within the jurisdiction of the server. Plus customer data is held on a separate database of their own.
How is the data protected?
We encrypt data
We set up SSL certificates for each of our client websites to ensure encrypted data transmission between server and browser and all database data is encrypted using the Amazon encryption key service.
General Data Protection Regulations
We are registered with the UK’s Information Commissioner’s Office (ICO) to handle all of our customer databases, as well as adhering to the privacy policies of multiple global jurisdictions, including the EU’s GDPR and Australian, UK and US data privacy laws.
ToucanTech team data handling policy
Every ToucanTech team member signs and adheres to our Information Security Policy, which is available to view upon request. Our employment contracts include a customer data clause, out-lining that if a team member is handling any customer data they must strictly comply with our Information Security Policy, including measures such as never storing data on personal devices and never sending data lists via email.
Vulnerability and penetration scanning
In order to identify vulnerabilities, we run malware and antivirus scans daily, as well as monthly penetration scans and patch updates as additional security measures.
Additional firewall protections
We use two types of firewalls to ensure protection for our clients and their data. Virtual network firewalls restrict server traffic, and web application firewalls, which detect and protect against unwanted intrusions on all our web servers.
Regular data back-ups and disaster recovery plans
We ensure that full back-ups of all website files and databases are made every 24 hours on our live servers. In addition, a full SQL back-up of each customer's database is saved to a backup server in a separate location on the first day of each month and made available for the customer to download.
And many helpful tools available to help you keep your data secure
Enable different permissions levels for each of your administrators, restricting their access to the data they require to perform their job. Audit trails track the data changes and reports accessed by your team. Plus with MFA (multi-factor authentication), you have one of the most effective ways to prevent unauthorised access to your data.
ToucanTech is a cloud software used by organisations internationally, including schools, universities, nonprofits, clubs and companies, to manage a community database/CRM and a connected website. To find out more about how we support the management and growth of online communities, get in touch with one of the ToucanTech team.
Learn how to keep your database clean and accurate with these eight useful tips you can start to implement right now. More...
Having a database full of dirty data can be a CRM nightmare. Read ToucanTech's tips to find out how you can declutter yo… More...
We caught up with this New York high school about their recent switch from Raiser's Edge to an all-in-one integrated CRM… More...
Data security is a critical priority for any organisation managing personal data: find out how you can confidently ensur… More...
How to consolidate your email, events, and alumni engagement data into one system More...
Let us know how you're hoping to use ToucanTech and we'll match you with a product expert
We recently sat down with Lawrence Jackson of Catalyst Management, a high impact fundraising and philanthropy consultancy and agency, to learn more ab… More...
Having a database full of dirty data can be a CRM nightmare. Read ToucanTech's tips to find out how you can declutter your database to ensure your ana… More...
Time-saving tips to send more personalised alumni communications with less effort More...