Must-Have Security Practices for Board Portal Software

The current climate has enabled malicious users to launch complex attacks. For boards, it’s crucial to address potential threats proactively. This is especially important because of the sensitive nature of board members’ documents and the discussions that take place during meetings.

We will review some security practices BoardCloud has put in place and what you should look for in your choice of board portal software in order to keep your data and information safe.

We believe that BoardCloud security is on par with any of the top board management systems on the market.

Many of our opposition systems are built on older technologies, with an outdated security infrastructure.

BoardCloud is built on the latest Microsoft Enterprise platform, which builds in a raft of secure infrastructure practices that are in line with the requirements of large corporate and military users.

Document Storage & Sharing

A lot of documentation is shared by our users in preparation for, and during a meeting. BoardCloud does not store any source documents on any servers, any stored documents are encrypted with military-grade AES-256 encryption and can only be viewed in our system viewer.

Furthermore, document files and meeting names are never exposed and are obfuscated to look like the meeting folders in the image below:

This secures access even from direct access by administrators.

Board packs and minutes documents are never sent via email, instead, we send secure links to each user associated with permissions to view the documentation. This prevents anything from being stored on a local email server. Downloading of packs is, by default, disabled and can only be activated by an administrator.

Audit trails are maintained for every user login and action on the system. Logging what actions users do, is extremely important in keeping track of what occurs on the system and any malicious actions can be tracked back to the user.

Multi-Factor Authentication (2FA)

Access to the BoardCloud platform is secured through multi-factor authentication (MFA). In addition to a password, users are required to provide a second form of authentication, such as a one-time password (OTP) sent via SMS or email.

Regular Security Updates

The BoardCloud development team continuously monitors and updates the software to address security vulnerabilities. Customers receive automatic updates to ensure that their systems remain patched and protected against the latest threats.

Regular Security Assessments

BoardCloud undergoes regular security assessments by independent third parties to validate the effectiveness of security measures and identify areas for improvement. This includes vulnerability scans, penetration testing, and compliance audits.

Customer Education and Support

BoardCloud provides comprehensive customer education and support to help organizations implement and manage the software securely. Customers receive guidance on best security practices, threat mitigation techniques, and incident response procedures.

Secure Communication

All communications between users and the servers are encrypted with the latest SSL/TLS technology. Secure Sockets Layer (SSL) certificates are used to establish an encrypted connection between a browser, a user’s computer and a server or website. TLS is an updated, more secure SSL protocol.

User Security

User password granularity can be set based on individual corporate policies as well as the ability to customize user security on an individual level.

Take note of these practices and ensure the board management software you choose has the right practices in place, not only for the benefit of your individual security but also for the organization as well as its employees.