SOFTWARE SECURITY OVERVIEW
EASY TO ASSESS.
Ovrture maintains a populated Higher Education Community Vendor Assessment Toolkit (HECVAT) and Consensus Assessment Initiative Questionnaire (CAIQ) questionnaires which comprehensively capture our security and data protection architecture and configuration. We also partner with CyberGRX to provide answers to over 400 security questions. While we are happy to work with your compliance teams, they typically appreciate being able use this as a starting point in their evaluation of our security & risk profile.
WE PROTECT YOUR DATA.
All data is written to multiple disks instantly, backed up daily, and stored in multiple locations. Files that administrators and users upload are stored on servers that use modern techniques to remove bottlenecks and points of failure.
ENCRYPTED IN TRANSIT & AT REST
All communication between your local device and our servers is encrypted in transit using HTTPS. All user data, record data, text, images, documents, and files that you upload to our platform are kept in encrypted storage, filesystems, and databases. Even our backups are encrypted.
MAXIMUM SOFTWARE SECURITY THROUGH MINIMAL DESIGN.
The platform’s architecture was carefully designed and executed to expose the minimum possible number of access points, thereby ensuring maximum security.
FULL REDUNDANCY FOR ALL
We operate at full redundancy on the Amazon Web Services Cloud. Our systems are engineered to stay up even if multiple servers fail.
REGULARLY UPDATED INFRASTRUCTURE.
Our software infrastructure is updated regularly with the latest security patches. Our platform runs on a cloud infrastructure that is locked down with firewalls and carefully monitored. While perfect security is a moving target, we work with security researchers to keep up with the state of the art in web security for major donor communications software.