CommuniBee Security And Privacy

We understand that you may be cautious about signing up for a service like CommuniBee. Ensuring your online security and privacy are more important than ever. That’s why we’ve made the following security blog post available for viewing. You can also download it here as a document.

CommuniBee Security And Privacy

This post outlines the security and privacy considerations in the CommuniBee app.

Privacy

Our philosophy when it comes to privacy is to collect as little information as is necessary (typically only email addresses as usernames), and to never share that information with any 3rd party except for the purposes of enhancing our service. For details, view our privacy policy.

Server Security

  • API and database server are running Ubuntu 18.04, a Long Term Support version supported out until 2023.
  • Server runs UFW firewall locked down with IP whitelisting as needed for developers to access.
  • All communications are done over HTTPS with RSA 2048-bit encrypted SSL.
  • Database can only be accessed by API, blocked by firewall rules from anything but API.
  • Database is running the latest version of Microsoft SQL Server, and API is running the latest .NET
    Core runtime for Linux.
  • All database access uses Entity Framework to mitigate SQL injection attacks.
  • All passwords used for accessing the server are strong, randomly generated strings.
  • Database is backed up daily.
  • User passwords are properly hashed so they cannot be extracted and reverse engineered.

 

Application Security

Communities within CommuniBee can be flagged as discoverable or not. If discoverable, like Edmonton Community Leagues are, users are presented a drop down of available communities to join. If not discoverable, guests need to either be given an invite code that they enter to join a community, or they can be invited directly by an admin through the dashboard.

Additionally, the ability to join can be configured in the app with three levels:

  1. No Approval Required – anyone with invite code can join and has immediate access.
  2. Approval Always Required – people join with an invite code and enter a pending state until approved by an admin.
  3. Email Domains Auto-Approved – admins can add approved email domains. When users register with such a domain they are automatically approved, otherwise they enter a pending state as in #2.

User access can be controlled by admins from the dashboard at any time, revoking or granting access to members of the community.

Access privileges are calculated on the app side for speed, but also on the API to prevent circumvention. We use signed JWT tokens for authentication with anti-forgery checks.

Payment Security

For payment processing we use Stripe, which is an industry standard for online credit card processing. It is used by many recognized names like SalesForce, Expedia, OpenTable, Spotify, etc.

When a payment is made in CommuniBee, a dialog is presented to collect payment information (credit card #, expiry date, CVV), and that information is passed directly to Stripe along with the email address of the account. It is important to note that the credit card information is never passed to or stored on our servers.

When Stripe approves the payment, a token and client ID is returned and then passed to our server. Our server then contacts Stripe with that token to validate the payment, and this finalizes the transaction. If auto-renew is toggled on, the CommuniBee system can use the client ID to process a renewal payment without requiring the card information again.

Infrastructure Security

We use Digital Ocean for hosting the server and database. Digital Ocean is one of the leading providers of hosting services. The servers we use are hosted on Canadian soil in Toronto.

For details on Digital Ocean’s data security practices, visit: https://www.digitalocean.com/legal/data-security/

An excerpt from that page:

Security controls provided by our datacenter facilities includes but is not limited to:

  • 24/7 Physical security guard services
  • Physical entry restrictions to the property and the facility
  • Physical entry restrictions to our co-located datacenter within the facility
  • Full CCTV coverage externally and internally for the facility
  • Biometric readers with two-factor authentication
  • Facilities are unmarked as to not draw attention from the outside
  • Battery and generator backup
  • Generator fuel carrier redundancy
  • Secure loading zones for delivery of equipment

If you have any questions regarding your security and privacy, don’t hesitate to contact us!

  • The CommuniBee Team

What is CommuniBee?

What is CommuniBee?

CommuniBee brings your community into the digital age. With easy to use mobile and web based solutions.

Create some Buzz in your community. CommuniBee was designed to bring Communities and Groups into the digital age. The application was developed to assist and increase engagement within groups. Some of the key features that CommuniBee offers include:

  • Fixed price, software as a service, fast set up and easy to manage.
  • Event management built in, easier than 3rd party, no cut on event tickets, more money in their pockets.
  • Simplified membership purchase and renewal and increasing membership. 
  • Save time with central management of events and memberships, reduce volunteer fatigue.
  • Real time news and notifications, save on newsletter printing costs and delivery.
  • Sponsorship opportunities to promote local business and help offset cost.

By providing things such as real-time news and notifications, you can increase the connection and participation in your community. With approximately 89% of 29-49 year olds, and 73% of 50-64 having smart phones and nearly 90% of both having access to a computer with internet, reaching your members has never been easier.

.

Download Your Copy of CommuniBee Today

The 6 C’S of Community Engagement (Part 1)

The 6 C's of Community Engagement (Part 1)

Discover how CommuniBee can help you build upon these core aspects of community engagement

We all know that community engagement is a foundational requirement for a healthy, thriving, successful society— but how do we know when our efforts are working?

It’s a question many community leaders, municipal governments, and other organizations ask themselves frequently.

There are an endless number of ways to engage your community, but if you aren’t touching on the essential elements that contribute to a strong sense of belonging, your strategy will likely lose its luster over time.

Thankfully, by focusing on the six C’s of community engagement, local leaders can better gauge whether or not they are generating results, and identify gaps in their engagement strategy more quickly.

All of the six C’s are critical, and the strongest communities are those who put a plan into action, ensuring each category is being tended to.

In today’s blog post, we’ll be covering the first three C’s, with the remaining three to come in our next post! 

So, let’s take a deeper look at these criteria, while simultaneously learning more about how a mobile community app like CommuniBee can help you achieve the outcome you’re looking for.

Here are the First Three C's of Community Engagement:

1. Capability

In order to build a strong community, your members must be capable of engaging in constructive, open, healthy dialogue. Otherwise, it becomes impossible to resolve issues or move forward with a shared vision. 

How CommuniBee Can Help:

A mobile community app can make communicating with your fellow residents much more convenient. It eliminates the need to wait until a town meeting or physical interaction in order for thoughts and opinions to be expressed. 

The CommuniBee app allows users to log in at any time, from anywhere they have cell service, and receive updates regarding the happenings in their community. And with the help of push notifications, members of the community are alerted of all the latest information even if they aren’t logged into their app— reducing the likelihood of miscommunication or knowledge gaps.

 

2. Commitment

In regards to community engagement, a commitment is formed when community members come together to support one another beyond their self interests. Commitment creates a bond between citizens, motivating them to create a better environment for all.

How CommuniBee Can Help:

Before you can encourage your community members to commit to building a stronger network, they must first be aware of the importance of community involvement, and feel inspired to take part.

Using a mobile community app like CommuniBee is a great way to keep your members informed about upcoming community events, and to communicate how much you would value their participation.

The more welcomed and informed your community members are, the more compelled they will feel and the more invested they will be in their community’s success.

3. Contribution

Contribution refers to the willingness of your citizens to volunteer and give back to their community.

How CommuniBee Can Help:

At CommuniBee, we believe that keeping your community members in-the-loop about opportunities to contribute is the first step to securing more involvement. 

That’s why we make it easier for community leaders to manage their events and activities with features like a built-in RSVP system, and convenient dashboard that allows you to manage attendance.

Additionally, the real-time news section of the app makes it a breeze to post volunteer opportunities or event updates, giving your members the details they need, when they need them.

We also send automatic reminders to anyone who has RSVP’d to an event or activity, which can be delivered via push notifications.

Stop waiting for your community members to check out your physical bulletin board, or dealing with the frustration of emails or mail-outs that go unread.

A mobile community app is a cost-friendly solution that ensures your messages are received quickly, in a way that works for today’s tech-savvy society.

We’ll be covering the remaining three C’s of community engagement in our next post!

Download Your Copy of CommuniBee Today