Double the Donation's Security Policies

This article provides an overview of Double the Donation's security policies.

Resilience and Availability

Does Double the Donation have data backups?

Yes! Double the Donation backs up its database data every hour to multiple sources via encrypted channels. We regularly test backups on a spare server to ensure that our backups work, and that they can be quickly restored when necessary.

Does Double the Donation monitor its systems and software?

Yes! Our operations teams monitor software and application behavior 24x7x365 using industry-recognized solutions with multiple notification systems in place, including services like Uptime Monitor and Sentry.io. We have multiple personnel able to respond to downtime and restore services. 

Application Security

Does Double the Donation encrypt data in transit?

Yes! Sessions between you and your portal are always protected with top-end in-transit encryption, advanced TLS (1.2) protocols, and 2,048-bit keys.

Does Double the Donation incorporate security into its software development lifecycle (SDLC)?

Yes! Double the Donation's code is high quality from conception to deployment. We ensure development best practices are implemented across our ongoing code pushes. Responsive software development means new features, resiliency improvements, and bug fixes arrive continuously and seamlessly.

Datacenter Protections

Are physical security protections in place to protect data?

Yes! Double the Donation's products are hosted with the world’s leading data center providers. Access to these data centers is strictly controlled and monitored by security staff, tight access control, and video surveillance. Our data center partners are SOC 2 Type II and ISO 27001 certified and provide N+1 redundancy to all power, network, and HVAC services.

Software Security

Can the Double the Donation software respond quickly to new security needs or threats?

Yes! Between our streamlined, rapid approach to application delivery and our highly automated server infrastructure, Double the Donation quickly addresses security issues as they arise. These technology and process structures allow Double the Donation to rapidly adapt as new threats are identified.

Does the Double the Donation infrastructure detect and prevent attacks?

Yes! Double the Donation uses enterprise-grade firewalls, routing, intrusion prevention, and behavior analytics capabilities to protect infrastructure and thwart attacks.

Does Double the Donation rapidly patch and update when vulnerabilities are identified?

Yes! Double the Donation's patch management process pushes security updates quickly and consistently.

Does Double the Donation have an incident response program?

Yes! Double the Donation's incident response program is responsive and repeatable. Incident process flows and investigation data sources are pre-defined during recurring preparation activities and exercises and are refined through investigation follow-ups. We use standard incident response process structures to ensure that the right steps are taken at the right time.

Audits, Vulnerability Assessment & Penetration Testing

Does Double the Donation have a repeatable process for discovering and quickly correcting security bugs?

Yes! We test for potential vulnerabilities continuously in all layers of the technology stack. Dynamic application scans, static code analysis, and infrastructure vulnerability scans are run regularly. 

What security is in place at Double the Donation's data centers?

Our data center providers maintain ISO 27001, SOC 2 Type II, and many other certifications.