Databases are critical. Many of our organizations use them constantly for all kinds of work. But, we sometimes forget that securing our data on them is equally important.
Judge a database on many features: ease of use, clear design, appropriate power…whatever matches your needs. But most of us don’t take the measure of a database’s security and that’s a major issue.
There are two ways to maintain a database — on your computer or network or on the servers (or Cloud) of a provider. The security issues are different. If you’re on a network in your office and the office is raided, they’ll take your database — it’s the first thing government people look for. If you’re on a provider, your data can be collected, capture or stolen (sometimes with that provider’s blessing).
The key is encryption.
There are many good database programs, but we strongly recommend Civi-CRM, a database you can install with the Drupal, Joomla or WordPress content management systems. It’s one of the world’s most popular and a spectacularly powerful, expandable and reliable database program. There’s also a learning curve in using it but the more you learn, the more you can do with it.
If you’re on an office network, encrypt all the servers. How you do that depends on what device and operating system you’re using. Progressive Technology Project has a great tutorial on this:
https://network.progressivetech.org/online-protection
and scroll down to “full disk encryption”.
If you’re on a server as will usually be the case, here’s our suggestion:
First, find a provider willing to encrypt your database data on its servers. Two of the better known providers that do this:
But you should check around and ask about encryption and data protection. It’s a reasonable question.
Install your CMS (WordPress is very good but all three are fine) and then CiviCRM and you’ll be using it for your protected data in no time. BTW, both the above providers will help you install Civi. Ask any provider if they’ll do that.