On a fairly regular basis we receive questions related to the security of the data stored within Breeze. And this is a great question and one you should be asking – after all you owe it to the people connected to your church to ensure their personal data is protected. We’ve put this article together to outline the measures we take to ensure the security of your data.
Breeze uses an HTTPS SSL encrypted connection in a PCI compliant datacenter for nearly all data sent back and forth. This is the same standard used for transferring credit card data. This protects against malicious actions such as “man-in-the-middle” attacks where an individual attempts to intercept the message. An encrypted connection means that only the correct recipient is able to read the data.
We back up the database every 24 hours. Our back ups also allow us to restore your database if you or another individual accidentally deletes data that should have been retained. We also back up the filesystem every 24 hours which creates a back up of all content as well as a redundant database backup.
We want to be sure your data is safe - both on a server level and on an application level. To aid in this effort, Breeze routinely undergoes PCI compliance scans as well as penetration testing to help keep your data safe.
You’re able to create multiple user accounts, each having their own set of permissions, so tha each user only has access to what he or she should have access to. Common scenarios for this are restricting the majority of staff from seeing contribution information or preventing certain users from adding or deleting people. All user accounts also have a password that’s needed to log in. If you’re interested in more details on how these permissions work, check out our video on users and roles.
Administrators can also determine if a user should be automatically logged out after a certain amount of inactivity. Different users can have different settings so that if desired, users with access to more sensitive data can be logged out sooner than those with less privileges. If you’re interested in more details on how these permissions work, check out our video on users and roles.
Some churches like the peace of mind in knowing their data is backed up locally on their own computer. Breeze allows you to export key data into Excel files whenever you’d like (here's instructions on how to export this). Additionally, we assume no one likes to feel trapped and so if for some reason you find you need to switch from Breeze to something else (which we hope you won’t :)), this makes it easy to pack up your data and take it elsewhere.
Credit card data is extremely sensitive and we work hard to ensure it is stored securely. In fact, we don't even store full card numbers on our servers nor do we have access to them. Instead that data is securely stored by our payment processor (Stripe) as they specialize in areas like this. Stripe is one of the industry leaders in online payment processing and you can read more on their security here.
We’re big fans of focusing on what we do well (software) and letting others focus on what they do well (hardware). As a result we use an extremely high quality commercial datacenter for reliable security and speed. Datacenters are given a Tier 1 - 4 rating, with 1 being the lowest/worst rating and 4 being the highest/best.
Breeze operates in a tier 4 datacenter. The tier breakdown is as follows:
The datacenter is located in southern California. For those of you interested in even more specifics on the datacenter, here are a few useful links:
Looking for church management software that is specifically designed to serve your small or mid-sized church? We'd love to show you what we've built!
Click the button below to start an instant live demo of Breeze.