Church Community Builder is committed to providing you with the best security for your data. Our main goal is to make your entire community of users feel that we have done everything we can do to protect their information.
We want your staff to feel secure...
- as they work with member data
- as they invite members and volunteer leaders to be a part of the online community
- as they communicate across the Internet
We want your members to feel secure...
- as they update their information (helping their church know when changes occur in their lives)
- as they share information with staff, group leaders, and the community
- as they view and print their own contribution information
We want your IT professionals and consultants to feel secure...
- by knowing, we use state-of-the-art facilities and equipment
- by knowing we use high-quality 256-bit SSL encryption to secure transmission of data
- by knowing we monitor inbound/outbound traffic daily to evaluate security risks
- by knowing your data is backed up nightly and replicated offsite to our secure, redundant data center
Network Operations Center
Your data is one of the most important aspects of the Church Community Builder Solution and we treat it as such. The following are specifics for our primary network operations center where the Church Community Builder software is maintained and where your live data is stored. Backups are stored onsite and, more importantly, offsite. You can learn more about backups later in this document.
- Network backbone — multiple OC12 and OC48 connections
- BGP4 — automatic failover through Level3, Time Warner, and Cogent providers
- Triple door access — through two keycard doors & one physical key door for access • Locked server rack access
- 24/7 video surveillance
- ￼Network Operations Center
- Two fully separate city power grids with automatic transfer switch • Facility-wide UPS (battery uninterruptible power supply)
- 500KvA Onan diesel generator for continuous backup power
- Dry pipe fire suppression system
- 365/24/7 emergency support for the facility
- Raised and vented flooring for superior environment management
Having great security, resilience, and responsiveness in a primary data center is important, but what happens in the unlikely event of a catastrophe? Church Community Builder utilizes a second data center as part of our disaster recovery plan. Our redundant data center provider is SAS 70 Type II certified and employs biometric scanners, 24/7 onsite personnel, redundant network/power/generator/cooling systems, multi-carrier internet backbones, and more. We want to ensure that, should the worst happen, your data (and access to it) is secure.
We recognize you are entrusting your data to Church Community Builder. It’s critical for your staff, volunteer ministry leaders, and members to have access that provides technological security and enforces human security.
Church Community Builder uses the high-grade 256-bit SSL encryption certificates for access to all user data and user logins and processing financial transaction data. These enterprise-level certificates through Comodo Enterprise SSL provide assurance that your data is protected between our servers and your computer.
On the user end, we require that all individual logins require at least one numeric and one alpha character and that their password must be at least six characters long to further ensure the security of the data. In addition, after five unsuccessful attempts at login, the user’s account is locked for a 60-minute period. In addition, we automatically log users out of an unused session after six hours of inactivity to prevent unauthorized access.
Church Community Builder was designed from the ground up to give you control over how each person is able to access your data. User permissions can vary from Limited Access Users that cannot see any people in your database, to Basic Users with the ability to see other listed individuals, small group leaders with access to individuals and data in their groups, and all the way up to granular control with over 100 different areas of access for administrators.
Hardware & Software
Security and reliability depend on great, equipment. Church Community Builder uses genuine Dell Poweredge servers, many running redundant SCSI hard drives, redundant power supplies, error-correcting memory, and dual to quad core processors. Network connectivity is provided through Cisco and Dell PowerConnect switches, in addition to specialized hardware for SSL acceleration, load balancing, and firewalls.
Our servers run Linux, have stable kernel and services running, and are updated with security patches. Non-essential ports and services are disabled to further harden the servers. The web and application servers are then placed behind load balancers and firewalls to further limit access to the data and provide reliable services.
Finally, the actual data is stored on database servers which sit behind the redundant load balancers, which sit behind the redundant firewalls, which reside in a physically secure environment (locked server cages, doors, keycard access, etc...). Further, access to the trusted network is limited to authorized Church Community Builder staff only through secure methods such as SSH and secure VPN.
Church Community Builder retains daily backups for weeks and weekly backups for months on local network storage for restoration purposes. Live offsite data replication is performed instantly through a secure VPN tunnel to our redundant data center in the unlikely event that catastrophic events occur that render our primary data center unavailable.
Church Community Builder does not own or have any rights to any data that the customer submits as a result of using the service. Church Community Builder will not monitor, edit, or disclose any information regarding the customer or customer’s database without the customer’s express written permission except as may be required by law.
The Benefits of Software as a Service (SaaS)
Church Community Builder was built from the ground up to utilize the power of the Internet. Gone are the days when it was OK to have an assistant enter all of the church member data and create reports to get that information back out. Churches in today’s world need the ability to empower volunteer leaders, to communicate instantly and dynamically, and to build community. The traditional church management software cannot provide this; Church Community Builder can.
Lower Cost of Maintenance
Your church does not have to maintain the physical equipment or logical systems that ensure security, resilience, and responsiveness that exist when hosting a solution from your church office. Nor does the church have to put additional strain on their IT departments or volunteers to install and maintain applications or infrastructure.
One of the additional benefits to hosting a solution such as Church Community Builder is a built-in Disaster Recovery plan, which would protect your data regardless of hardware issues, office fires, flooding, or other scenarios that might take place at your local church or data center. Any internet access, from any location, will give you access to your Church Community Builder software.
No Cost For Updates
By using a hosted software, updates are automatically loaded to your application as they come available, ensuring that you have the latest version. No more manual upgrades or updates to infrastructure or software.
We use a LAMP stack (employed by Facebook, Twitter, Digg, and many others) to power our software. LAMP stands for:
- Linux servers (operating system)
- Apache web server to power the websites
- MySQL database servers for data engine
- PHP programming language for the application