Security
BetterNow's products and infrastructure have been designed with a strong focus on security. You will trust us with your supporters personal data and we don't take that responsibility lightly.
The security of your supporters data is the most important factor in any product and infrastructure decision made by BetterNow.
Below we have outlined some of the security measure we take in order to secure your supporters data.
Secure passwords
We use a combination of logins via OAuth2 with Facebook and Google as identity providers as well as email/password-based authentication. Passwords are scanned against an archive of known breached passwords and are blocked if they have been exposed in a breach. 8 characters is the minimum password length. Passwords are protected by Bcrypt. MFA (Multi Factor Authentication) is required for our employees on all systems, and for our customers' administration level users. Non-admin users can enable MFA but it is optional.
Account verification for users
Administrative users are required to validate their accounts via a link provided in an automated email.
Guards against attacks
We run a proxy in front of that application that blocks many classes of attacks. In addition, we rate-limit all requests and rate limit e.g. sign-in and password change endpoints with an even lower rate to guard against credential-stuffing attacks.
Permanent deletion
Users can delete fundraising pages from the self-service platform if they have the appropriate access rights. The self-service platform has all features necessary for users to delete data and be compliant with GDPR.
Personal data storage
All personal data is stored in the EU region.
High availability
We ensure high availability with automated and manual testing, production monitoring, logging and alerts, fast continuous deployments, and industry-standard cloud infrastructure.
Hosting and storage of personal data
The data processor’s services and data are hosted in Amazon Web Services facilities in the EU (EU-west-1).
Encryption of personal data
Personal data is encrypted while moving between the BetterNow and the browser with Transport Level Security (TLS).
At rest: Personal data processed on behalf of customers only resides in the production environment encrypted with AES-256.
In transit: Network communication uses TLS, and it is encrypted and authenticated.
Vulnerability scanning and production patching
We scan dependencies for known vulnerabilities multiple times daily (with every change to the application. In addition, we upgrade all dependencies for non-security issues once a day.
We write and maintain automated tests for security issues such as SQL injection, cross-site scripting, etc.
Critical and High patches are incorporated and tested as soon as the data processor is aware of them, including on evenings and weekends.
Lower criticality patches are applied and tested on weekdays.
It is the hosting provider (AWS) that manages OS updates for infrastructure and patches/updates are applied daily.
Backup and logging policy
Our backup processes ensure data and information consistency with the highest standards. We use Heroku for the backup of datastores that contain personal data . Data is backed up continuously and in addition, off-site back-ups are done daily. On an application level, we store logs for activity in a centralised log solution.
Incident response
We transparently update our customers during incidents via our status website and directly via our support system.
We follow GDPR rules for notice times in case of incidents. The Danish 'Datatilsynet' will be notified latest after 72 hours and all data controllers will be notified as soon as possible after the first initial assessment has been made.
Monitoring, logging and audit trail
We log every user action performed in the system with a full audit trail. All logs are sent to a centralised log management solution where we have configured anomaly detection and alerting.
Continuous delivery
We have a state-of-the-art agile software development lifecycle methodology and change management procedures. The data processor’s deployment method requires no downtime for the application.
Role-based access
The data processor’s employees’ levels of access are determined by the role and follows the least-privilege principle.
Secure access
The data processor uses SSO (single sign-on), enforced password policy and VPN (virtual private networks) to ensure employees have secure access to the system.
Multi-factor authentication
The data processor enforces multi-factor authentication for all privileged access and on all systems.
Security at employees’ devices
All employees’ devices are required to be set up with full disk encryption, mandatory MF, and to have inbound & outbound firewalls in place.
All devices have the strictest possible Autolock settings in place. All employees do daily OS and web browser updates.
Confidentiality
All employee and contractor agreements include a confidentiality clause. Vendors
Vendor selection
All the data processor’s vendors offer industry-leading products and go through a security evaluation to ensure their practices fit our security and compliance standards.
VSA
The data processor has completed the Vendor Security Alliance (VSA) Core self-assessment questionnaire, which is available on request.
GDPR
GDPR is baked into the data processor’s business processes, security policies and employee training. GDPR check is part of the data processor’s risk assessment and internal audit. Personnel
BetterNow is grateful for the contributions to software security made by security researchers in our industry. If you believe you have discovered a security vulnerability in BetterNow, please contact us directly at security@betternow.org. You are welcome to use our PGP key.
BetterNow would like to thank the following individuals for disclosing security issues to us and giving us ample remediation time:
