We utilize Amazon Elastic Compute Cloud (AWS) for hosting. Their security specifications are among the tightest in the hosting industry. We store files on Amazon S3, a highly secure, scalable, and redundant storage tool.
We perform regular backups of our data every night, both of our database, and search index. Backups are stored on a separate cloud server.
- Application Platform: Java/Spring framework
- Application Server: Tomcat
- Web Server: Apache
- Database Platform: MySQL 5.6
Weekly patches using the updates provided by the Vendor.
RFP365 requires SSL (https) for all interactions with the application.
User credentials are stored in our secure database and passwords are encrypted using an industry-standard, strong cryptographic hashing algorithm with user specific salt.
Yes. Administrators have access to all data within an account and can configure granular access permissions for users. Roles include: Administrator, Manager and Contributor. Contributor Roles can be customized for fine level of access to proposals, knowledge, and RFPs. A user may be a Contributor on Proposal A and have no access or any other role on Proposal B.
Account Administrators configure and maintain each user's roles throughout the application. RFP365 support personnel may assist if needed to help customers choose the ideal role(s) for each user.
RFP365 utilizes Stripe as our payment gateway and all financial data is stored within their platform. No financial information is stored within the RFP365 application or database. Stripe has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.
Every RFP365 employee has completed a thorough background/employment screening process, signed employee confidentiality agreements and received extensive training to ensure they know exactly what to do, and what not to do.