Data Security & Compliance
Delivering the highest security measures to keep your data safeWe help large scale and international events to manage their volunteers
.jpg)
.jpg)
.jpg)
.jpg)
.jpg)
.jpg)
.jpg)
.jpg)
How Rosterfy keeps your data safe
Security features for more control, accountability and protection
.png?width=1920&height=1080&name=Training%20-%20Volunteer%20Portal%20(11).png "Training - Volunteer Portal (11)")
Security Governance
Rosterfy has a documented set of policies and procedures that defines our approach to security as an organization. These are shared with all staff and reviewed and updated frequently to ensure our approach to security remains current.
To maintain the highest level of certifications and accreditations, we integrate and maintain the latest in innovative security and privacy technologies. As a Rosterfy customer, you are protected by our multi-tiered security measures and accredited procedures.
ISO27001 Certified
To provide world-class security, we ensure our platform meets key industry standards. Rosterfy is certified against ISO27001 standards for Information Security compliance.
Rosterfy monitors our system using external and internal vulnerability scanning. We perform frequent audits and security assessments with independent and globally recognised security assessment firms.
.jpg "Product Spotlight Data Protection (2)")
.png "Product Spotlight Data Protection (2)")
Access to Internal Systems and Cloud Platforms
We ensure that access to systems in our IT environment, including the cloud platforms we use, is restricted to employees who specifically require this access for their work.
All administrator access requires multi-factor authentication and employees accessing our environment are required to use an approved VPN solution.
Access permissions to our systems are regularly reviewed on an employee-by-employee basis and modified promptly.
Third Party Security
Rosterfy runs on AWS cloud infrastructure. We host customer instances between multiple Availability Zones in three regions (AU, UK, EU and USA).
AWS is accredited by and compliant with a large number of the latest industry standards – more information can be found here: https://aws.amazon.com/artifact.
Keen to learn more about Rosterfy?
Get in touch with our Sales representatives to learn more about our volunteer management solution.
Protecting Customer Data
Rosterfy takes a number of measures to help protect customer data from inappropriate access or use by unauthorized persons (either external or internal).
Customer data is only stored in our production environment, and access to that data by Rosterfy employees is limited only to the employees who require access to perform their standard duties. Access to customer data is managed using access control and authentication tools (including the use of two factor authentication) provided by Amazon Web Services and our other cloud partners.
For full details please refer to the Rosterfy Privacy Policy found here.
In the rare case that Rosterfy support employees need to access to specific customer data (generally for troubleshooting or support purposes) then Rosterfy will always seek consent from a customer before accessing this data.
.png?width=1920&height=1080&name=Product%20Spotlight%20Data%20Protection%20(3).png "Product Spotlight Data Protection (3)")
Backups of Data
Rosterfy data is backed up at regular intervals to disparate encrypted data storage solutions provided by Amazon Web Services. Backups are replicated to multiple AWS facilities within the customer’s region (APAC, USA or EU).
GDPR Compliant
Rosterfy’s policies and procedures for data protection align to meet the standards and requirements of the GDPR.
This includes transparency with regard to the use of data as well as the protection of data collected by Rosterfy through our third party servers.
%20(2).png "Portal Evet View (1080 × 1080 px) (2)")
Role and attribute based access to data + SSO
Rosterfy allows customer created roles to be assigned to users to control what functionality is available for a user, and which records a user is able to see. These features can be combined with enterprise identity providers to allow customer controlled authentication to the system.
Keen to learn more about Data & Compliance?
View our comprehensive Data & Compliance documentation.