Is Your Foundation’s Data Safe?

Keeping yours, and other peoples, data safe is becoming more and more important in our ever-connected world. As a foundation, the data that you have stored is extremely important and sensitive. It can contain vital information on the causes that you are funding and even those that didn’t make the cut. GDPR has been in place for just short of a year, so we wanted to refresh everyone’s memories on how to best keep your foundation’s data safe and GDPR compliant.

GDPR Reminder

GDPR effects how your foundation runs from the very first contact with someone…

It starts with how you collect personal data. For foundations, this is often involved in the application process. When they submit their application for funding, receiving their consent to use their data is extremely important. Having a link to your privacy policy is no longer enough. Instead, it must be clear that if personal data is shared, that the third parties are named.

Opting in and out of things is more of a marketing problem, so may not affect your foundation too much. However, this is still something to consider. GDPR stats that the individuals choice to say no is of paramount importance. Some forms of communication are allowed before someone opts-in, however, opting out has to be an option. When opting to join a mailing list or other forms of communication, there must be no pre-ticked boxes. It must be a choice from the provider to tick it or to leave it clear.

“silence, pre-ticked boxes or inactivity should not constitute consent”

Storing data also changed with the implementation of GDPR. Firstly, there must be a limit on how long peoples personal data is being kept for. On top of this, people have been ‘given the power back’ by now being entitled to ask for the data you have on them as well as being able to have all of their data deleted from your storage.

When it comes to applications and the information freely offered from potential funding opportunities, security goes further than just GDPR. Having such sensitive information such us budget fees, names, dates, information on the projects and who is working on them, and the list goes on!

Lots of foundations simply use documents to store this information. Excel sheets or google docs, which hackers find easy targets for their ‘games’. This why many foundations are changing the way they work, from spreadsheets to a streamlined solution.

Implementing a software at your foundation can limit the risk of a data breach by adding an extra security wall. If you take the Optimy Solution, for example, there are many things put in place to make sure that you are both GDPR compliant as well as the top security applications and coding to make sure your data is 100% safe.

How can a software keep your data safe?

There are many things at play when trusting a software with all your information and checking what security measure a company has put in place will help you with this.

Here at Optimy, we use Cloudflare to tackle any DDoS attacks that may occur. Cloudflare also protects, speeds up, and improves availability for web applications. It does this through an intelligent global network comprised of 165 Data Centers spread across the world. The network automatically optimises web and mobile pages ensuring visitors get the fastest page load times and the best performance possible. Cloudflare also has the advantages of WAF protection, distributed SSL (Secure Sockets Layers) to all customers AND caching for temporary storage.

Another system that the Optimy solution has in place is RIPS. RIPS is a technology leader in static application security testing. Static analysis (or static application security testing) is performed solely on the source code of an application without executing it. The complete source code is transformed into an abstract model that is then analyzed for security vulnerabilities. More precisely, taint analysis follows the data flow of user input that the application receives across file and function boundaries. If user input is used in a security-sensitive operation (such as a SQL query) an attacker could malform this operation and thus a security vulnerability is reported (e.g. a SQL injection vulnerability).

The use of a software really is the best way to keep your collaborators and your own data safe. These are just two of the features that Optimy has put in place to make sure that our users have the most secure and streamlined experience. On top of Cloudflare and RIPS, Optimy also uses AWS, code sniffers, Rollbar and our amazing Developers – who you can see on our Team Page!

Making impactful projects easier since 2011.
Optimy is the most customer-centric software
for sponsorship and grant management.
Collect, select and manage all your projects
in one single tool.