We're so glad that you're asking questions related to the security of the data stored within Breeze. This is a question you should be asking – after all, you owe it to the people connected to your church to ensure their personal data is protected. We’ve put this article together to outline the measures we take to ensure the security of your data.
Breeze uses an HTTPS SSL encrypted connection in a PCI-compliant manner for data sent back and forth. This is the same standard used for transferring credit card data. This protects against malicious actions such as “man-in-the-middle” attacks where an individual attempts to intercept the message. An encrypted connection means that only the correct recipient can read the data.
Consistent Back Ups
We back up our databases every 6 hours. We also back up our codebases and user-uploaded media every 24 hours, which creates a backup of all content.
We want to be sure your data is safe - both on a server level and an application level. To aid in this effort, Breeze undergoes ongoing penetration testing to help keep your data safe.
User Accounts & Permissions
You can create multiple user accounts, each having its own set of permissions so that each user only has access to what he or she should have access to. Common scenarios for this are restricting most staff from seeing contribution information or preventing certain users from adding or deleting people. All user accounts also have a password needed to log in. If you’re interested in more details on how these permissions work, check out our video on users and roles.
Automatic Log Out
Administrators can also determine if a user should be automatically logged out after a certain amount of inactivity. Different users can have different settings so that, if desired, users with access to more sensitive data can be logged out sooner than those with fewer privileges. If you’re interested in more details on how these permissions work, check out our video on users and roles.
Store Data on your Own Computer
Some churches like the peace of mind in knowing their data is backed up locally on their own computer. Breeze allows you to export key data into Excel files whenever you’d like (here are instructions for exporting this). Additionally, we assume no one likes to feel trapped and so if for some reason you find you need to switch from Breeze to something else (which we hope you won’t :)), this makes it easy to pack up your data and take it elsewhere.
Online Giving Security
Credit card data is extremely sensitive, and we work hard to ensure it is stored securely. We don't even store full card numbers on our servers, nor do we have access to them. Instead, that data is securely stored by our payment processor (Stripe), which specializes in areas like this. Stripe is one of the industry leaders in online payment processing, and you can read more about their security here.
If you choose to embed a Breeze Online Giving form in your website, we recommend you get an SSL Certification on your website. Your church website acts as another layer in which malicious users can try to intercept personal data. The encrypted connection means that only the correct recipient can read the data. Check with your domain name registrar to see if digital certification is available for purchase, or go through a reliable SSL certificate authority to secure your church website today.
Cloud Hosting Partner
We’re big fans of focusing on what we do well (software) and letting others focus on what they do well (hardware). As a result, we use the leader in cloud hosting: Amazon Web Services, to provide state-of-the-art consistency in terms of performance and security.
Note: Breeze has never experienced a security breach that has exposed client data. We take extensive measures to protect the sensitive information of our organizations!