Blackbaud Security Breach

Erica,

I can speak from a hosting perspective that we share our members’ heightened awareness about security events and are constantly reviewing our security practices and policies to ensure we are as protected as possible from many types of attack. 

We have a robust perimeter security which includes state of the art firewalls and web application firewall (WAF).  We use an AI based malware identification product deployed to all of our infrastructure.  In addition to the automated checks and scans our team does a daily review of our logs to ensure there isn’t any unusual activity.  All of our data is encrypted in transit and sensitive data is encrypted at rest.  Our team’s devices do not connect directly to the network which serves as an additional layer of protection for our environments.  All interactions are via citrix using the multi-factor authentication for access, this helps protect from passive transmission of impacted files or network traffic.  Our team are regularly trained on correct security practices and have tools and processes in place to ensure security of our devices and environments. 

Our environments are PCI compliant and our software and environments comply with GDPR regulations surrounding personal data.  If you are looking for our Attestation of Compliance (AOC) you may put in a help ticket (hello@tessituranetwork.com) and the team can provide that for you.  

 As we work toward migrating all our environments to the commercial cloud in the next year we are keeping security of data and environment in front of mind both in the design and execution;  at the same time we are ensuring that our current environments are secure and protected. 

Please feel free to initiate a help ticket if you have further questions.  

Hi Anna,

Thank you! This is helpful. I appreciate your detailed outline of compliance protocols. I will submit a ticket for the AOC shortly.

Thanks again!
Erica