BBNC 7.1 - Focus On Security
Published
Hello again!
As I mentioned last week, the NetCommunity team has been working diligently on our next release which will be available in October. As part of our normal product improvement processes, we review our security measures, protocols, and infrastructure on an ongoing basis. Every release is tested and we strive to certify our products with the current payment industry standards for PCI-DSS and PA-DSS. BBNC 7.0 added support for TLS 1.2 which was required for PCI-DSS 3.1 compliance.
We are pleased to provide some advance notice of changes in the upcoming Blackbaud NetCommunity version 7.1, which will comply with Payment Application Data Security Standard (PA-DSS) version 3.2, released by the PCI Security Standards Council in June 2016.
More information about PA-DSS v 3.2 is available via press release from the PCI Security Standards Council: https://www.pcisecuritystandards.org/pdfs/PA_DSS_3.2_Press_Release.pdf
As a result of this recent update to the PA-DSS standards, we have made some changes in BBNC 7.1 -
Pallavi Paranjape
Product Manager – Blackbaud NetCommunity
As I mentioned last week, the NetCommunity team has been working diligently on our next release which will be available in October. As part of our normal product improvement processes, we review our security measures, protocols, and infrastructure on an ongoing basis. Every release is tested and we strive to certify our products with the current payment industry standards for PCI-DSS and PA-DSS. BBNC 7.0 added support for TLS 1.2 which was required for PCI-DSS 3.1 compliance.
We are pleased to provide some advance notice of changes in the upcoming Blackbaud NetCommunity version 7.1, which will comply with Payment Application Data Security Standard (PA-DSS) version 3.2, released by the PCI Security Standards Council in June 2016.
More information about PA-DSS v 3.2 is available via press release from the PCI Security Standards Council: https://www.pcisecuritystandards.org/pdfs/PA_DSS_3.2_Press_Release.pdf
As a result of this recent update to the PA-DSS standards, we have made some changes in BBNC 7.1 -
- Site-wide secure pages (via https) is now required. Https-only is fast becoming an industry standard protocol. This option has always been available to you via an Administrative configuration setting in NetCommunity. if you have not been taking advantage of this setting, click here to see how you can enable We recommend that you enable site wide secure pages as soon as possible, so that you can make any adjustments needed to your website. BBNC 7.1 will permanently enable site-wide secure pages (over https). This means that all NetCommunity pages now will be rendered only over https. Click here to see the full FAQs on how this may affect your websites.
- We have also changed the way BBNC encrypts and stores passwords. This change will be transparent to most organizations. However, any third-party integrations that use Single Sign On for authentication might be affected. You will need to engage those third-parties to review the changes required by PA-DSS v 3.2 and determine how they might affect integration with NetCommunity.
Pallavi Paranjape
Product Manager – Blackbaud NetCommunity
News
Blackbaud NetCommunity™ Blog
10/04/2016 1:11pm EDT
Leave a Comment
No. Donors will not be required to logged in or even register before they make a donation. Donation pages and any other transaction pages (such as events, membership, user registration, etc.) are already secure and will not be impacted by any of the security changes coming in BBNC 7.1.
Best,
Pallavi Paranjape