Blackbaud Sphere IT System Security Overview
 
The Blackbaud Sphere platform provides a highly redundant, robust, and scalable enterprise-class network infrastructure. We leverage the best partners in the industry with state-of-the-art technology to deliver a solution that emphasizes security, availability, scalability and performance.
  • We utilize service provider level enterprise firewalls and intrusion detection solutions to prohibit unauthorized access to our systems.
  • We protect the confidentiality of your data by encrypting sensitive information with 128-bit Secure Sockets Layer (SSL).
  • We build information security into our systems using internationally recognized security standards (ISO-27001), regulations, and industry-based best practices.
  • We employ strong authentication controls following guidance provided to us by PCI-DSS and Visa’s cardholder information security program.
  • We require our employees to take information security awareness training and apply this training to their daily work.
  • We locate our critical applications in data centers that have obtained a SAS 70 Type II certification.
Additional details outlining specific physical, administrative and technical safeguards are listed in the appendices under the following headings:
  • Data Center
  • Application Infrastructure/Architecture
  • Data Storage and Protection
  • Security
  • Management and Monitoring
 
APPENDIX-A
Data Center
 
Our data centers are engineered to incorporate multiple levels of security and redundancy, ensuring maximum availability of our mission-critical applications, and designed to meet the complexity and needs of our business.
  • State-of-the-art, enterprise-class facility that is SAS 70 Type II certified.
  • Primary data center located in Irvine, California.
  • Backup data center located in Boston, Massachusetts (provides greater geographical diversity).
  • Physical access and security monitored 7/24/365 by on-site personnel with live-action video cameras throughout the facility, card key only entrance with automated logging of all entries, and two-factor biometric authentication.
  • Environment controls include redundant HVAC systems with separate cooling zones, and VESDA.
  • Power redundancy from two different substations and availability via underground feeds from the electric utility, uninterruptible power supply, and diesel generators with 72 hours of backup fuel.
  • Diverse, multi-vendor telecommunications access for redundancy.
  • Internet connectivity at the primary site is provided by three separate connections to the Internet in a multi-homed configuration so that traffic is directed to the most available carrier. A high bandwidth burstable uplink is provided to handle any unexpected performance demands.
     
APPENDIX-B
Application Infrastructure/Architecture
  • Applications run on a high availability load balanced Server Farm
  • High availability design using latest technologies for load balancing, clustering and redundancy to assure full replication of data and full redundancy of all physical network equipment.
  • Redundant application, database and web server clusters.
  • All servers are enterprise class, with multi-processors.
  • Separate in-bound and out-bound email servers.
  • The payment servers are directly connected to third party payment processors (FDMS, Paymentech and American Express). The payment processor connections are over redundant frame relay links.
  • All critical systems are fully backed by vendor support agreements and rapid replacement contracts.
  • 24 x 7 health and performance monitoring; high availability, system uptime, with regularly scheduled maintenance.
  • Secure file import/export technology
  • Multiple Internet connections that provide automated failover in case of loss of Internet connectivity through a single provider.
 
APPENDIX-C
Data Storage and Protection
  • All data stored on enterprise level Storage Area Network (SAN) technology
  • Data stored on fiber channel SAN devices.
  • Daily incremental, full weekly and monthly backups with off-site storage.
  • Off-site backups are transferred over a secure high speed circuit to our backup data center and stored at a secure Iron Mountain facility.
  • The tape from the last week of the month is permanently archived.
  • Tapes are kept onsite in a tape library during use; we have a 30-day rotation cycle of all non-permanently archived tapes. 
  • Each unique database is also copied in near real-time applications to standby servers.
 
APPENDIX-D
Security
  • The hosting environment is protected by enterprise level firewalls at the data center facility with site redundant management servers, and intrusion detection systems.
  • Application security provided via 128-bit SSL encryption, multiple layers of user authentication and data storage in a secure environment.
  • Controls and procedures restricting access to the hosted systems, logging activities, and managing changes as authorized by client and management.
  • Level 1 Payment Card Industry Data Security Standard (PCI DSS) certification for credit card processing is currently in progress and is expected by the end of the third quarter or sooner. Sphere is currently certified at Level 2.
  • Credit card data is encrypted; appointed customer service agents can only see the last four credit card digits for processed transactions.
  • Security and vulnerability monitoring and tracking.
  • State-of-the-art firewall infrastructure, virus protection and patch management.
  • Intrusion detection for all devices and network nodes.
  • Redundant firewalls, VLANs, and Windows and Unix user authentication services.
  • Only front-end Web and FTP servers are accessible from public IP addresses. Databases are contained in a separate back-end restricted network.
  • User and application authentication is handled using Microsoft Active Directory servers.
  • All data replication is over secure connections inaccessible from the Internet.
 
APPENDIX-E
Management and Monitoring
  • Dedicated team at Blackbaud San Diego proactively monitoring systems 7/24/365 via Network Operations Center (NOC).
  • Server monitoring and management via separate network.
  • Service provider level tools for system and application level monitoring.
  • Service provider level tools for quickly building, storing and retaining system images.
  • Enterprise level firewall management console.
  • Web performance monitoring with Nimbus, Gomez and proprietary systems.
  • Email and phone alerts are sent out whenever a critical level is reached for a large range of performance criteria.
  • The following functions are monitored:
    • Donations volume
    • Outbound email traffic volume
    • Bandwidth measurements taken every five minutes from our firewalls
    • Bandwidth measurements taken every five minutes from the first router in the mesh of co-location facilities
    • Server health checks every 30 seconds for every web server, with alerts generated
    • Application error log monitoring with real-time alerts
    • Web server real-time monitoring and alerting from SNMP traps, web server logs, OS event viewer logs
    • Service provider class real-time monitoring and alerting of web servers and database servers
    • Database activity trends against expected norms.
    • Database monitoring with SQLMon application
    • Real-time notification of switch interface transitions
    • Independent ISP monitoring from our co-location partners
    • Traffic download times of key pages taken every minute from remote locations.
    • System log and file integrity monitoring