Data security is a critical priority for any organisation that manages or owns data - and it is crucial that all community and member data, as well as any personal information, is securely stored and protected. If you run an online community, having secure data protocols in place will also encourage your community to participate and engage with one another within their own private portal, with full confidence that their data is being protected.
In this article, find out how we protect and store data at ToucanTech, as we answer some of our most frequently asked questions.
Who owns the data?
You do, of course! Silly question, right? Well actually no, not so silly. You definitely need to be confident that your suppliers don’t use your community data for their own commercial purposes. Here at ToucanTech, we are solely a data processor. So whilst we process personal data on behalf of our customers at their instruction, it is still owned entirely by them.
Where is data stored?
ToucanTech stores all data on one of our dedicated secure cloud servers hosted by Amazon Web Services (AWS) with all data remaining within the jurisdiction of the server. Plus customer data is held on a separate database of their own.
How is the data protected?
We encrypt data
We set up SSL certificates for each of our client websites to ensure encrypted data transmission between server and browser and all database data is encrypted using the Amazon encryption key service.
General Data Protection Regulations
We are registered with the UK’s Information Commissioner’s Office (ICO) to handle all of our customer databases, as well as adhering to the privacy policies of multiple global jurisdictions, including the EU’s GDPR and Australian, UK and US data privacy laws.
Accountability for data security at ToucanTech
Our data protection officer (DPO) is our Director of Finance & Operations, who ensures that we comply with international data regulations and that all of our data is processed safely and securely. Every new team member adheres to our Information Security Policy, which is available to view upon request.
Vulnerability and penetration scanning
In order to identify vulnerabilities, we run malware and antivirus scans daily, as well as monthly penetration scans and patch updates as additional security measures.
Additional firewall protections
We use two types of firewalls to ensure protection for our clients and their data. Virtual network firewalls restrict server traffic, and web application firewalls, which detect and protect against unwanted intrusions on all our web servers.
Regular data back-ups and disaster recovery plans
We ensure that full back-ups of all website files and databases are made every 24 hours on our live servers. In addition, a full SQL back-up of each customer's database is saved to a backup server in a separate location on the first day of each month and made available for the customer to download.
And many helpful tools available to help you keep your data secure
Enable different permissions levels for each of your administrators, restricting their access to the data they require to perform their job. Audit trails track the data changes and reports accessed by your team. Plus with MFA (multi-factor authentication), you have one of the most effective ways to prevent unauthorised access to your data.
ToucanTech is a cloud software used by organisations internationally, including schools, universities, nonprofits, clubs and companies, to manage a community database/CRM and a connected website. To find out more about how we support the management and growth of online communities, get in touch with one of the ToucanTech team.
We caught up with this New York high school about their recent switch from Raiser's Edge to an all-in-one integrated CRM… More...
Data security is a critical priority for any organisation managing personal data: find out how you can confidently ensur… More...
How to consolidate your email, events, and alumni engagement data into one system More...
Rodean successfully beats its fundraising target for its Ukrainian Bursary Appeal, raising almost £70,000 to support the school's Ukrainian students. More...
Because parent networks are often heavily relied upon when it comes to school fundraising, find out how to expand your donor base beyond your parent n… More...