Data Security & ComplianceDelivering the highest security measures to keep your data safe
We help large scale and international events to manage their volunteers
How Rosterfy keeps your data safe
Security features for more control, accountability and protection
Rosterfy has a documented set of policies and procedures that defines our approach to security as an organization. These are shared with all staff and reviewed and updated frequently to ensure our approach to security remains current.
To maintain the highest level of certifications and accreditations, we integrate and maintain the latest in innovative security and privacy technologies. As a Rosterfy customer, you are protected by our multi-tiered security measures and accredited procedures.
To provide world-class security, we ensure our platform meets key industry standards. Rosterfy is certified against ISO27001 standards for Information Security compliance.
Rosterfy monitors our system using external and internal vulnerability scanning. We perform frequent audits and security assessments with independent and globally recognised security assessment firms.
Access to Internal Systems and Cloud Platforms
We ensure that access to systems in our IT environment, including the cloud platforms we use, is restricted to employees who specifically require this access for their work.
All administrator access requires multi-factor authentication and employees accessing our environment are required to use an approved VPN solution.
Access permissions to our systems are regularly reviewed on an employee-by-employee basis and modified promptly.
Third Party Security
Rosterfy runs on AWS cloud infrastructure. We host customer instances between multiple Availability Zones in three regions (AU, UK, EU and USA).
AWS is accredited by and compliant with a large number of the latest industry standards – more information can be found here: https://aws.amazon.com/artifact.
Keen to learn more about Rosterfy?
Get in touch with our Sales representatives to learn more about our volunteer management solution.
Protecting Customer Data
Rosterfy takes a number of measures to help protect customer data from inappropriate access or use by unauthorized persons (either external or internal).
Customer data is only stored in our production environment, and access to that data by Rosterfy employees is limited only to the employees who require access to perform their standard duties. Access to customer data is managed using access control and authentication tools (including the use of two factor authentication) provided by Amazon Web Services and our other cloud partners.
In the rare case that Rosterfy support employees need to access to specific customer data (generally for troubleshooting or support purposes) then Rosterfy will always seek consent from a customer before accessing this data.
Backups of Data
Rosterfy data is backed up at regular intervals to disparate encrypted data storage solutions provided by Amazon Web Services. Backups are replicated to multiple AWS facilities within the customer’s region (APAC, USA or EU).
Rosterfy’s policies and procedures for data protection align to meet the standards and requirements of the GDPR.
This includes transparency with regard to the use of data as well as the protection of data collected by Rosterfy through our third party servers.
Role and attribute based access to data + SSO
Rosterfy allows customer created roles to be assigned to users to control what functionality is available for a user, and which records a user is able to see. These features can be combined with enterprise identity providers to allow customer controlled authentication to the system.
Keen to learn more about Data & Compliance?
View our comprehensive Data & Compliance documentation.