On a fairly regular basis we receive questions related to the security of the data stored within Breeze Church Management™. And this is a great question and one you should be asking – after all you owe it to the people connected to your church to ensure their personal data is protected. We’ve put this article together to outline the measures we take to ensure the security of your data.
Breeze uses an HTTPS SSL encrypted connection in a PCI compliant manner for all data sent back and forth. This is the same standard used for transferring credit card data. This protects against malicious actions such as “man-in-the-middle” attacks where an individual attempts to intercept the message. An encrypted connection means that only the correct recipient is able to read the data.
We back up our databases every 6 hours. We also back up our codebases and user-uploaded media every 24 hours which creates a backup of all content.
We want to be sure your data is safe - both on a server level and on an application level. To aid in this effort, Breeze undergoes ongoing penetration testing to help keep your data safe.
You’re able to create multiple user accounts, each having their own set of permissions, so that each user only has access to what he or she should have access to. Common scenarios for this are restricting the majority of staff from seeing contribution information or preventing certain users from adding or deleting people. All user accounts also have a password that’s needed to log in. If you’re interested in more details on how these permissions work, check out our video on users and roles.
Administrators can also determine if a user should be automatically logged out after a certain amount of inactivity. Different users can have different settings so that if desired, users with access to more sensitive data can be logged out sooner than those with less privileges. If you’re interested in more details on how these permissions work, check out our video on users and roles.
Some churches like the peace of mind in knowing their data is backed up locally on their own computer. Breeze allows you to export key data into Excel files whenever you’d like (here's instructions on how to export this). Additionally, we assume no one likes to feel trapped and so if for some reason you find you need to switch from Breeze to something else (which we hope you won’t :)), this makes it easy to pack up your data and take it elsewhere.
Credit card data is extremely sensitive and we work hard to ensure it is stored securely. In fact, we don't even store full card numbers on our servers nor do we have access to them. Instead that data is securely stored by our payment processor (Stripe) as they specialize in areas like this. Stripe is one of the industry leaders in online payment processing and you can read more on their security here.
We’re big fans of focusing on what we do well (software) and letting others focus on what they do well (hardware). As a result we use the leader in cloud hosting: Amazon Web Services to provide state of the art consistency in terms of performance and security.