Cyber-Crime Awareness Highlights Need for Secure Board Portals
Well-publicized breaches of consumer credit information have heightened awareness of the risks of cyber-crime and raised the profile of information security issues both for executives and boards of directors. A recent PwC survey indicated that spending on IT security measures increased more than 50 percent in 2013. [Defending Yesterday: Key findings from The Global State of Information Security Survey 2014] We applaud this renewed focus on cybersecurity in IT budgets, the executive suite and in the board room emphasizing the need for secure board portals.
In light of the growing interest in secure board portals at the board level – and since it is one of the first questions most new customers ask us – we thought we would outline the security measures built into BoardBookit. From the beginning, BoardBookit has been designed to incorporate best-practices in information security to ensure that our customers’ critical information is always protected.
BoardBookit secure board portals includes multiple layers of security at the server level – the computer hardware and software where BoardBookit applications are hosted – and at the user application level on iPads, laptops and other mobile devices. All data transmitted to and from BoardBookit applications (on mobile devices, PCs and “in the cloud”) is encrypted using the same best-available technology that is used in corporate IT departments today.
Secure Board Portals: User Access Control
All security functions within BoardBookit are conducted within the Admin Center web console using up-to-date web browsers on standard PC or Apple computers supporting the latest security features. Central administrative control of both the web and mobile components of the system enable access control and user-defined permissions for content distribution and viewing. These features ensure that no one but designated board members, administrators, and other users have access to your information, not even BoardBookit employees.
Permissions and information access within BoardBookit is tied to individual users. Each user must present unique identifying credentials to access BoardBookit, and authentication policies require strong passwords. All user access to the portal is logged, creating an audit trail. Users can only access information directed to that user or the committees to which the user belongs.
Similarly, capabilities are managed by roles attached to specific users. Only designated administrators can grant or revoke member access, at any time. When access is revoked, data is also removed from a user’s iPad .
Secure Board Portals: Security of Servers
BoardBookit client applications are hosted in multiple geographically dispersed and highly secure data center facilities in the United States. The servers hosting BoardBookit customer applications are subject to security controls that comply with SSAE 16 industry standards (formerly SAS70), and all BoardBookit clients have access at any time to independent audit reports (SOC 1 and SOC 3) to satisfy their internal control and reporting requirements.
Of course, this is just an overview of the many security features built into BoardBookit. We welcome your questions about security, as we firmly believe that best-in-class security is a cornerstone for our long-term success serving non-profit and corporate boards.
Ready to get started?
Schedule a live demo and discover the BoardBookit Difference.
Interested in Learning More?
Read the latest board governance resources from our blog.