Your data is too important to leave unprotected

padlock

SECURITY IS A FLUXX PRIORITY

 

Security is one of the top concerns for grantmaking organizations, particularly when moving their grants management operations to a cloud-based solution. Protecting data and system security is a core Fluxx business practice. We offer best-in-class security features and run comprehensive audits of our applications, systems, and networks to ensure customer data is always protected. Fluxx solutions are hosted on Amazon Web Services (AWS), the award-winning secure cloud service provider, that handles all physical security of hardware and networking. That’s why our customers are confident that their information is safe and their Fluxx system is secure.

 

FLUXX AND AWS MEET STRINGENT SECURITY AND COMPLIANCE STANDARDS, INCLUDING:

 checked SOC 2 Type 2   checked CCPA   checked GDPR

socCCPALogogdpr     

 

BENEFITS

Keep your data close to your chest with hosting options around the world

 

shield

Defend your grantmaking data and system against unauthorized intrusions and improper use.

security

Secure the information you exchange with your grantees.

data-protection

Protect your data history and system configurations from failure and disaster.

Leading grantmakers trust Fluxx with their data

ford-logo-color   MacArthur Logo PNG   Lumina Foundation ikea_foundation-1   CIFF_logo

 

"Fluxx takes security seriously. They have been a great partner over the past 6+ years, and share our values and priority around cybersecurity and building and running a secure platform. Fluxx is very responsive to dynamic cybersecurity needs.”

JOHN MOHR, CIO, MACARTHUR FOUNDATION

ENSURING SECURITY FROM CLOUD TO SCREEN 

 

SECURE REGIONAL HOSTING

Fluxx offers data hosting via Amazon Web Services (AWS) in the US, Europe, Oceania, Canada, and Hong Kong.

 

SECURE APPLICATION 

Fluxx uses rigorous Software Development Life Cycle (SDLC) with systematic code reviews and automated tests to build the most secure system. Fluxx also employs external experts to perform detailed penetration tests annually. 

 

SECURE NETWORK

Logical security is enforced at every level, from usage of Amazon’s Virtual Private Clouds (VPC) to leveraging best-in-class Kubernetes security configurations. Intelligent threat detection is provided by AWS GuardDuty, with managed DDoS protection via AWS Shield.

 

SECURE DATA 

All data is encrypted in motion via TLS 1.2+ and at rest on disk

 

SECURE USERS

Fluxx offers both a SAML 2.0-supported Single Sign-On (SSO) connection and Multi-Factor Authentication (MFA) to protect user access. Individual access managed via role-based and/or attribute-based permissions. Password storage uses a salted cryptographic digest.

 

SECURE CODE

Github info leak vulnerability and code scans are performed continuously.

 

SECURE OPERATIONS 

Policies, controls, and 24/7 monitoring tools support strict security oversight of all daily activities. Administrative access to Fluxx’s AWS resources is tightly controlled and reviewed every month. Access to the underlying infrastructure is restricted by a firewall, and 2-factor authentication is only permitted from limited and trusted staff locations. Annual cybersecurity tabletops, team simulations, and disaster recovery exercises are performed across the organization to pressure test our teams, systems, and processes throughout the year. 

 

ALWAYS ON AND AVAILABLE 

Fluxx guarantees 99.5% uptime and can accommodate heavy grant submission periods without degradation in service. In addition, data is synchronously replicated between data centers, with data backups and server  system images stored in separate availability zones.

See a Fluxx Grantmaker Demo

Get a personalized demo with one of our grantmaking experts

 

Get Started