Overview: DonorPerfect Online Security
Security in the online world of data management is a critical issue that must be addressed when moving vital business processes and data to an internet application. SofterWare and DonorPerfect understand this importance and the great responsibility that comes with it.

SofterWare and DonorPerfect are committed to ensuring that your data is safe, secure, and available when you need it. To this end, we rely not only on our own expertise, but we also partner with industry experts in both the technology and the non-profit industries, commit the proper resources, and engage regular independent reviews to ensure your security and peace of mind.
Note that some of the content contained within this document includes technical specifications, abbreviations, and descriptions intended for individuals more familiar with internet security issues. We will happily provide more information, explanations, or reference material for any of the information discussed.
When adopting any internet-based application, there are several unique security concerns that must be taken into account for your protection. These include:
- Network Reliability, Hardware Redundancy, and Data Backups
- Prevention of Unauthorized Data Interceptions
- Prevention of Hacking Intrusions/Denial of Service
- Physical Site Protection
- An Independent Attestation of Security
To ensure we address each of these key issues (and more), we have partnered with Peer1, one of the largest and most respected server hosting facilities in the world. Peer1 brings a level of security matched by few in their field. A fully accredited SAS70 Type II and CICA 5970 Certified hosting provider (among many other certifications), Peer1 is well known for providing the most secure, most reliable, and most redundant hosting facilities available today.
Network Reliability, Hardware Redundancy, and Data Backups
The events of 9/11 revealed the devastation that can be caused by a single, malicious event. However, most catastrophic events that threaten enterprise applications are actually of natural origin. Floods, fire, and earthquakes can inflict devastating amounts of damage on facilities and equipment. DonorPerfect Online provides network, facility backup and disaster recovery options that ensure maximum availability and high integrity of application data.
Peer1 provides a fully redundant network architecture with high-speed connections between all of its multiple locations and the internet itself. Uninterruptible power supplies, multiple power grid suppliers, backup generators, and numerous other redundant power options at Peer1 data centers ensure that power is never interrupted.
The Peer1 Network: Fast, Efficient, and Accurate Data Transport
The powerfully-built Peer1 Global Network uses the best, most up-to-date technologies to provide fast, efficient and accurate data transport. The network was designed and built by Peer1 engineers for one purpose: to move internet traffic - fast.
With more direct paths, routing options, multiple Tier 1 upstream providers, and peering relationships with over 1,000 networks, Peer1 speeds your data to its destination with fewer hops, less packet loss and fewer delays. You get guaranteed high performance, plus 24/7/365 network monitoring by a state-of-the-art Network Operations Center (NOC) - all backed by the strength of a trusted and stable industry leader.
The Peer1 "FastFiber" network features 21 points of presence and 17 data centers, with locations in 16 of the heavy fiber corridors in the US, Canada, and Europe. The network is fully Internet Protocol version 6 (IPv6) ready and includes fully redundant links, routers, and switches worldwide. So, whether you're a large multi-site fundraising operation or simply need to support multiple users across a LAN, as long as your data is traveling on the Peer1 Network, you'll have the performance and reliability you need to keep your business moving.
Built-in Redundancies
The Peer1 Network is your seamless connection to the world. The Network features densely meshed paths between most major network points, both domestically and internationally.
From its inception, Peer1 took network redundancy seriously, building at least two connections, each from a different carrier, at many of the major points in the network. Because Peer1 uses multiple carriers, the network is not reliant on one vendor in the event of an outage. These geographic and carrier redundancies ensure that your data will keep moving, even if a link fails. In addition, private peering relationships with more than 1000 peering partners provide multiple routing paths for continuous, uninterrupted transport - allowing your data to bypass the congestion of the public internet and get to its destination fast.
Superior Network Support
Peer1 has 24/7/365 network monitoring at its state-of-the-art Network Operations Center (NOC) which provides real-time alarming, forecasting, traffic management, event notification, upgrades and service level agreements. The NOC also furnishes real-time network status reports to Peer1 Customer Care, enabling fast, highly responsive, single point-of-contact problem resolution.
Automatic Backups
DonorPerfect Online provides daily full disk backups of all data. Full database backups are stored off-site in geographically dispersed locations as an added means of recovery should it be needed. Production servers have RAID5 or RAID 10 disk storage and contain multiple power/cooling modules and peripheral power supplies. CPU, memory, I/O boards, and hard drives are all hot swappable, minimizing downtime.
On-call support staff is available 24 hours a day, 7 days a week, 365 days a year at Peer1 to ensure any service problems are handled promptly.
DonorPerfect Online has a comprehensive disaster recovery plan in place, should our primary physical site become inoperable.
Unauthorized Data Interceptions
All DonorPerfect Online communication is secured with 128-bit Secure Sockets Layer (SSL) encryption, an industry-standard level of security and privacy for those wishing to conduct secure transactions over the internet. The SSL protocol protects HTTP transmissions over the internet by adding a layer of encryption, ensuring that your transactions are not subject to "sniffing" by a third party. Only your users, with the right combination of a DonorPerfect Online ID and Password, can access your data.
SSL is used in tandem with a digital certificate. This digital certificate gives you the assurance that you are connecting only to a legitimate DonorPerfect Online server, and not that of an impostor. The certificate contains information about who owns and authorized the certificate (company name, domain name, contact address, etc.), encryption levels used, as well as information about the issuing Certificate Authority. DonorPerfect Online uses certificates generated by VeriSign, the world's largest provider of authorized digital certificates.
Hacking Intrusions/Denial of Service
Unauthorized Intrusion (commonly called "hacking") generally takes one of two forms. One form can be an attempt to gain unauthorized access to data or the application. Another form can be an attempt to deny service to other users by tying up server resources or disabling the server.
Unauthorized Access - Authentication via username and password provides assurance that a client requesting information is the entity it claims to be. In DonorPerfect Online, you control the IDs and passwords for your organization - and can adjust key parameters such as how often passwords must be changed and how much notification you want your users to receive.
Access control settings allow you to limit the functionality available and types of information that someone can access after being identified as an authorized user on the system. This allows you to set up users who can only access certain areas of the application, perform only certain tasks, or see only certain information. For example, the system administrator has rights to all areas, while a volunteer may have read-only access to volunteer information.
Database activity logs record information about the username, time of login and logout, the user's IP address, and other information about each DonorPerfect session. This data can be used for auditing purposes and to provide admissible evidence in court proceedings.
Intrusion Detection and Denial of Service - Monitoring of the DonorPerfect Online application and the hosting environment is performed 24 hours per day by a combination of staff and automated intrusion monitoring software. This combination of the latest technologies in detecting intrusion, and staff skilled in responding to and thwarting denial of service attacks, ensures that you will have uninterrupted service.
Physical Site Protection
Peer1 data centers are physically secured server facilities designed to keep your fundraising information safe. Facilities have keycard and biometric entry, video surveillance and are staffed by technical support people 24 hours a day, 7 days a week. The physical servers are located in a temperature-controlled, locked cabinet that can only be accessed by technicians for authorized maintenance. All maintenance activity is pre-authorized, scheduled during off-hours maintenance windows, and all technicians are required to pass background screenings prior to access.
An Independent Attestation of Security
SofterWare and DonorPerfect regularly engage highly-reputable, external security assessment organizations to perform detailed reviews and penetration testing of our infrastructure, hosting, and software in order to provide the highest level of assurance that our applications are secure.
In December of 2011, PivotPoint Security, an independent security assessment organization with extensive experience in the non-profit industry, was engaged to perform such an assessment and provide a letter of attestation. The test included an extremely detailed review of the DonorPerfect software and server infrastructure environment. (A copy of their attestation is included below - an original authenticated copy is available to you on request.)
PivotPoint's review determined that "SofterWare's external systems were secured at a level consistent with industry best practice, and above that of peer organizations that we have tested."
The team responsible for conducting the security assessments was led by a Certified Information Security Auditor/IRCA ISO 27001 Auditor and included personnel appropriately qualified to render an opinion (e.g., Certified Information System Security Professionals, Microsoft Certified System Engineers, Certified Ethical Hackers, etc.).
Conclusion
Moving critical fundraising applications to the internet requires a known, trusted partner. For over 30 years, SofterWare has provided more than 13,000 clients with the stability and security that they need. DonorPerfect Online continues this legacy and is committed to earning and keeping that trust, utilizing our staff's extensive expertise and our powerful relationship with Peer1 to keep your data safe and secure. By allowing us to secure your data, you can focus on your core fundraising needs, and continue to grow your fundraising success.
SofterWare engaged an independent organization to conduct a network vulnerability assessment and penetration test.



...Deloitte applauds SofterWare for
