The privacy and security of your data is our top priority. Keep your content safe with the industry best-practice security measures we’ve put in place. Please contact us directly if you’d like more information about our security.
We utilize Amazon Elastic Compute Cloud (AWS) for hosting. Their security specifications are among the tightest in the hosting industry. We store files on Amazon S3, a highly secure, scalable and redundant storage tool.
We perform regular backups of our data every night, both of our database, and search index. Backups are stored on a separate cloud server.
- Application platform: Java/Spring framework
- Application server: Tomcat
- Web server: Apache
- Database platform: MySQL 5.6
Weekly patches using the updates provided by the vendor.
RFP360 requires SSL (https) for all interactions with the application.
User credentials are stored in our secure database and passwords are encrypted using an industry-standard, strong cryptographic hashing algorithm with user specific salt.
Yes. Administrators have access to all data within an account and can configure granular access permissions for users. Roles include: administrator, manager and contributor. Contributor roles can be customized for fine level of access to proposals, knowledge and RFPs. For example, a user may be a contributor on Proposal A and have no access or any other role on Proposal B.
Account administrators configure and maintain each user’s roles throughout the application. RFP360 support personnel may assist if needed to help customers choose the ideal role(s) for each user.
RFP360 utilizes Stripe as our payment gateway and all financial data is stored within their platform. No financial information is stored within the RFP360 application or database. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.
Every RFP360 employee has completed a thorough background/employment screening process, signed employee confidentiality agreements and received extensive training to ensure they know exactly what to do, and what not to do.