Your data is too important to leave unprotected


SECURITY IS A FLUXX PRIORITY

 

Security is one of the top concerns for grantmaking organizations, particularly when moving their grants management operations to a cloud-based solution. Protecting data and system security is a core Fluxx business practice. We offer best-in-class security features and run comprehensive audits of our applications, systems, and networks to ensure customer data is always protected. In addition, Grantmaker is hosted on Amazon Web Services (AWS), the award-winning secure cloud service provider, which handles all physical security of hardware and networking. That's why our customers are confident that their information is safe and their Fluxx system is secure.

 

FLUXX AND AWS MEET STRINGENT SECURITY AND COMPLIANCE STANDARDS, INCLUDING:

ISO 27001, SOC 1 Type 2, SOC 2, CCPA, GDPR


 

BENEFITS

Keep your data close to your chest with hosting options around the world

 


Defend your grantmaking data and system against unauthorized intrusions and improper use.


Secure the information you exchange with your grantees.


Protect your data history and system configurations from failure and disaster.

Leading grantmakers trust Fluxx with their data

[Logos: Ford, MacArthur, Lumina Foundation, IKEA Foundation, CIFF]

 

"Fluxx takes security seriously. They have been a great partner over the past 4+ years, and share our values and priority around cybersecurity and building and running a secure platform. Fluxx is very responsive to dynamic cybersecurity needs."

JOHN MOHR, MACARTHUR FOUNDATION

ENSURING SECURITY FROM CLOUD TO SCREEN 

 

SECURE APPLICATION 

Fluxx uses rigorous development processes with systematic code reviews and automated tests to build the most secure system. Fluxx also employs external experts to perform detailed penetration tests on Grantmaker annually. Fluxx Grantmaker offers AWS Web Application Firewall (WAF) to protect your system against malicious data and to give you better control over the traffic coming to your site by whitelisting and blacklisting IP addresses. It also blocks SQL injection attempts and scripting attacks, and stops certain crawlers from scanning your site.

 

SECURE NETWORK

Fluxx instances are provisioned on Amazon Virtual Private Cloud (VPC), logically isolated from the rest of AWS to maximize reliability and security. Our Kubernetes (K8s) clusters also employ separate subnets and client-specific namespaces. AWS Shield, part of the AWS-provided DNS and network infrastructure, provides comprehensive protection against DDoS attacks. Fluxx offers an IDS (Intrusion Detection System) to accelerate network threat detection, incident response, and compliance management.

 

SECURE DATA 

Encryption in transit: Communications between end-users and Fluxx servers are encrypted via HTTPS and Transport Layer Security (TLS) over public networks. 


Encryption at rest: Customers of Fluxx benefit from the protection provided by encryption at rest in their MySQL and Elasticsearch databases.



SECURE REGIONAL HOSTING

Through AWS, Fluxx customer data can be hosted in every major region of the globe. By default, Fluxx offers hosting in the US, Europe, Oceania, Canada, and Hong Kong, with the full list of hosting locations available on the AWS website.

 

SECURE USERS

Fluxx offers SAML 2.0-compliant Single Sign-On (SSO) options and Multi-Factor Authentication (MFA) to protect Grantmaker user access. Password requirements are easy to configure to enforce stricter login security, and individual access to data and functionality is managed through role-based permissions. Our password storage also uses a salted cryptographic digest to make passwords almost impossible to deduce.

 

SECURE CODE

GitHub reviews are enforced even for system admins to ensure no third-party content is inserted into our code. Additionally, info leak vulnerability scans are performed continuously to ensure that API keys and other keys are not included in our code.

 

SECURE OPERATIONS 

Policies, controls, and 24/7 monitoring tools support strict security oversight of all daily activities. Administrative access to Fluxx’s AWS resources is tightly controlled and reviewed every month. Access to the underlying infrastructure is restricted by a firewall, and 2-factor authentication is only permitted from limited and trusted staff locations. Annual cybersecurity tabletops, team simulations, and disaster recovery exercises are performed across the organization to pressure test our teams, systems, and processes throughout the year. 

 

ALWAYS ON AND AVAILABLE 

Fluxx guarantees 99.5% uptime for Grantmaker and can accommodate heavy grant submission periods without degradation in service. In addition, data is synchronously replicated between data centers, and backups of all data and copies of Fluxx server system images are stored in separate regions to allow for fast recovery in the case of system failure or disaster.
