Security for Mobile Fundraising and Donor Data

Outside of transparency there is no more important operational tenant to serving our nonprofit customers than providing them and their donors the most secure environment possible as they communicate, engage and fundraise.

MobileCause adopts a defense in depth approach to security. This means we consider security from multiple views, and layers.

Security Principles

Information confidentiality, integrity and availability form the main security principles for MobileCause.

Information systems are classified in three segments: hardware, software and communications. Information security industry standards are applied to three layers: physical, personal and organizational. Procedures or policies are implemented to tell people how to use products to ensure information security within the organizations

Risk Management

Defense in depth is a security principle where multiple layers of security are used within information systems and organizations. In this manner, if one layer of security is compromised, many more layers must be breached before unauthorized personnel gain unauthorized access to systems or data. These layers can be represented as follows:

Physical/Organizational security

Fences, barriers, guards for IT assets
Background checks
Formal, enforced security policy
Network security

Firewall

Access Control Lists (ACLs), privileges, etc.
Encryption (e.g. SSL, etc.)
Host/server/computer/operating system (OS)

Virtual Private Network

Principle of least privilege applied
Intrusion Detection/Prevention (IDS/IPS)
OS updates, Anti-virus, etc.

Application security

Strong password policy and management
Secure coding practices
Penetration testing

Contact us to get started using secure mobile fundraising and donor data tools