Keeping Your Data Secure with Blackbaud Hosting Services

Published
One of the top priorities of Blackbaud Hosting Services is to provide a continuous, secure environment to our customers by protecting the confidentiality, integrity, and availability of data. Our process starts with a regular assessment of risks. Then, we undergo rigorous monitoring and testing, both internally and externally using qualified and certified independent third parties. We promote security awareness to all those who work in Blackbaud Hosting Services, and finally, integrate any necessary changes using our robust change management process. All this occurs under the guidance of our dedicated CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), and CISM (Certified Information Security Manager) certified security staff. We also meet industry security standards, such as PCI-DSS, SOC1, SOC2, and SSAE16 with offsite storage and data backups to ensure data security. Below are some of the key ways in which we adhere to continuous information security practices:

•             Infrastructure Security: Firewalls, monitoring, network isolation, intrusion detection and prevention

•             Personnel Security: Employee and vendor screening, education, monitoring

•             Physical Security: On premise security guards, locked server cages

•             Communications and Operations Management: Segregation of duties, operational procedures

•             Access Control: Account management, passwords, authorization procedures

•             System Development and Maintenance: System hardening and testing

•             Strong Encryption: 256 bit SSLv3 or better

•             Compliance: PCI-DSS compliance and AICPA trust services principles

 

In order to ensure complete security for client data and the personal information stored within, Customer Support has listened to feedback from our customers and changed our practices toward requesting customer credentials for troubleshooting. In some instances, Support may still request username information to resolve specific issues, such as password resets, but we will not request password information. In the event troubleshooting a specific issue requires access to the database, we will instead request that an administrative user create Blackbaud-specific test credentials. This allows the user to continue working in their personal account while we test a particular issue in a Blackbaud-specific account.  When customers set up the test account themselves they retain control over approving or removing these rights to their data and it ultimately allows them to take more ownership of this information. Steps on creating a Blackbaud test account can be found in the Knowledgebase solution, How to add or delete a Blackbaud Application Hosting user (includes video).

If you have questions, please create a case on Case Central, choose your product, and select the Blackbaud Application Hosting topic or contact our Hosting Support team using our chat feature.

Are you new to the hosting environment or a new administrative user? Sign up for our free Hosting Webinar!
News ARCHIVED | Hosting Blog 10/09/2013 8:11pm EDT

Leave a Comment

Check back soon!

Share: