cuag
Contents
1. Introduction
- 1.1. About this book
- 1.2. What is CiviCRM?
- 1.3. Real World Examples
- 1.4. Components
- 1.5. Extensions
- 1.6. Who is CiviCRM?
2. Getting prepared
- 2.1. Identifying Your Needs
- 2.2. Is CiviCRM for You?
- 2.3. Test it out
- 2.4. Hosting
- 2.5. Transitioning to CiviCRM
3. Initial set up
- 3.1. Installation and basic set-up
- 3.2. Scheduled jobs
- 3.3. Customizing the user interface
- 3.4. Permissions and access control
- 3.5. Security
4. Advanced configuration
- 4.1. Email System Configuration
- 4.2. Logging
5. The user interface
- 5.1. Menu, Dashboard and Dashlets
- 5.2. Keyboard shortcuts
- 5.3. Searching
- 5.4. Undelete
6. Organising your data
- 6.1. Overview
- 6.2. Mapping your data
- 6.3. Contacts
- 6.4. Groups and tags
- 6.5. Smart groups
- 6.6. Activities
- 6.7. Relationships
- 6.8. Creating Custom Fields
- 6.9. Profiles
7. Common workflows
- 7.1. Importing Data into CiviCRM
- 7.2. Exporting Your Contacts
- 7.3. Deduping and Merging
- 7.4. Tokens and mail merge
- 7.5. Postal mail communications
- 7.6. Automating tasks
8. Contributions
- 8.1. What is CiviContribute?
- 8.2. What You Need To Know
- 8.3. Set-up
- 8.4. Everyday Tasks
- 8.5. Soft credits
- 8.6. Personal Campaign Pages
- 8.7. Accounting Integration
- 8.8. Payment processors
- 8.9. Invoicing
- 8.10. Sales tax and VAT
- 8.11. Reports and analysis
9. Pledges
- 9.1. What is CiviPledge?
- 9.2. What you need to know
- 9.3. Set-up
- 9.4. Everyday tasks
- 9.5. Pledges Reports and Analysis
10. Events
- 10.1. What is CiviEvent?
- 10.2. Event planning and management
- 10.3. Creating an event
- 10.4. Online event registration
- 10.5. Integrating events with your website
- 10.6. Manual event registration
- 10.7. Keeping track of events and participants
- 10.8. Complex event fees
- 10.9. Event templates
- 10.10. Reports
- 10.11. Custom data for events
- 10.12. Repeating Events
11. Membership
- 11.1. What is CiviMember
- 11.2. Defining memberships
- 11.3. Online membership sign up
- 11.4. Manual entry of memberships
- 11.5. Membership price sets
- 11.6. Finding and viewing memberships
- 11.7. Membership Reports
- 11.8. Renewals
- 11.9. Cancelling and expiring memberships
- 11.10. Making member only websites
12. Email
- 12.1. What is CiviMail?
- 12.2. What You Need To Know
- 12.3. Set-up
- 12.4. Maintaining Healthy Email Lists
- 12.5. Everyday tasks
- 12.6. Reports and analysis
- 12.7. Scheduled reminders
- 12.8. CiviMail A/B Testing
13. SMS (text messaging)
- 13.1. What is SMS?
- 13.2. Set-up
- 13.3. Everyday tasks
- 13.4. Reports and Analysis (SMS)
14. Reporting
- 14.1. What is CiviReport?
- 14.2. What You Need To Know
- 14.3. Set-up
- 14.4. Everyday Tasks
15. Case management
- 15.1. What is CiviCase?
- 15.2. What You Need To Know
- 15.3. Set-up
- 15.4. Everyday Tasks
- 15.5. Reports and analysis
16. Campaign
- 16.1. What is CiviCampaign?
- 16.2. What You Need To Know
- 16.3. Set-up
- 16.4. Everyday tasks
- 16.5. Reports and analysis
17. Survey
- 17.1. What is Survey?
- 17.2. What You Need To Know
- 17.3. Set-up
- 17.4. Everyday Tasks
- 17.5. Reports and analysis
- 17.6. What is GOTV (Voter Tracking)?
18. Petition
- 18.1. What is a Petition?
- 18.2. What You Need To Know
- 18.3. Set-up
- 18.4. Everyday Tasks
- 18.5. Reports and analysis
19. Civic Engagement
- 19.1. What is CiviEngage?
- 19.2. What You Need To Know
- 19.3. Set-up
- 19.4. Everyday Tasks
- 19.5. Reports and analysis
20. Grants
- 20.1. What is CiviGrant?
- 20.2. What You Need To Know
- 20.3. Set-up
- 20.4. Everyday tasks
- 20.5. Reports and analyis
21. Website integration
- 21.1. Choosing your CMS
- 21.2. Integrating with Drupal
- 21.3. Integrating with WordPress
- 21.4. Integrating with Joomla
22. The CiviCRM Community
- 22.1. The CiviCRM Community
- 22.2. Bug Reporting
- 22.3. Localising CiviCRM
- 22.4. Contributing to this manual
23. Appendices
- 23.1. History of this book
- 23.2. Free Software?
- 23.3. Glossary
- 23.4. Credits

cuag

Security

CiviCRM is a web based solution, and as such, requires a web server to run. When web servers store sensitive data and are publicly available over the Internet - as CiviCRM is designed to be - security is an important aspect to consider. The recommended approach to securing CRM data is to use a VPN (Virtual Private Network) to encapsulate data transferred over public networks in encrypted packets. One of the simplest methods of implementing this is through forcing the use of encrypted tunnels when accessing the server through various data protocols (e.g. SSH, SSL and FTPS, explored below); this effectively wraps and the data in a protective shell, which can only be opened by the user's web browser, and the server.

Encrypted data transfer

There are a number of different protocols (methods) for transferring data from one point to another.

FTPS: for uploading files to the server outside of the CiviCRM interface (admins only), you may wish to use a FTPS (Secure File Transfer Protocol) client. If possible, set up FTPS accounts with usernames and passwords.
SSH: the SSH (Secure Shell) is a method which can be used to authenticate a user - by password or a key - and tunnel them into the server to execute command-line instructions.
SSL: this affects your everyday users accessing CiviCRM through a web browser. SSL (Secure Sockets Layer) encrypts the data submitted on a page by a user and sends it to the server - the only entity holding the 'key' to decrypt the data, and vice versa. SSL may be required for PCI compliance, or simply to prevent the interception of sensitive information during transit. By default, CiviCRM is not secured for browser access, please read the section 'Setting up SSL' for configuration instructions.

Note: ensure passwords used by one person across several protocols are different, as each carry with it varying levels of control.

Should I use SSL (Secure Sockets Layer)?

PCI compliance

American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc. work together to form standards for online payment processing (see https://www.pcisecuritystandards.org/organization_info/index.php).

Hosting for websites that accept payments using CiviContribute and CiviEvent should comply with their standards if the plug-in you are using does not route the user to external pages for payment processing (e.g. PayPal Standard redirects users to PayPal pages to make the transaction before returning to your website, and should therefore meet these standards). If credit card information is being processed or stored on your server, there are a number of PCI Payment Application Data Security Standards (PCI PA-DSS) which must be met, including the need to use SSL. Each CiviCRM installation must also be tested for PCI compliance every 4-12 months. Consider the payment processing method you intend to use carefully before implementing it, use SSL if you are using a credit card payment processor, and seek security consultation if you decide to store credit card information on your server (this is not recommended).

For further information, see: https://www.pcisecuritystandards.org/merchants/index.php.

Unauthorised data access

Aside from the potential need to meet PCI compliance, you should use SSL if you wish to ensure:

your data cannot be read by unauthorised users (e.g. through intercepting un-encrypted data during transit between the user and server).
a user's session is not hi-jacked through acquiring the cookie used to authenticate their access. If this occurs, an unauthorised individual could assume their identity and proceed to use the system through their account.

Setting up SSL

Before choosing a hosting company or web server provider, check that they support SSL certificates. As explained above, SSL encrypts the data transferred between a user's web browser and the server, but this is not enabled upon installation as it requires the purchase of an SSL certificate from a trusted vendor. To install SSL:

Determine what your server requirements or procedures are for enabling an SSL certificate. On shared servers this may require purchasing a static IP from your host. Important: your host must be willing to install the certificate on your domain, not one at a higher level. CiviCRM does not support shared SSL.
Purchase an SSL certificate from a security vendor.
Install the SSL on your server following the procedure you learned in step 1.
Enable 'HTTPS' redirection on your CiviCRM site so that the login, online contribution, member, event and administrator pages use SSL encryption. CiviCRM has an option in global settings to check the certificate and enable SSL for these pages (Administer > System Settings > Resource URLs). To use SSL for all CiviCRM pages, either edit the server's apache .htaccess file to force SSL and redirect HTTP requests to HTTPS, or enable the option in Drupal.

Backups and their security

All computer systems are prone to failures - both hardware and software. It is advisable to create periodic backups of all existing data (and possibly the software) to fulfil two important purposes: recovery and retention. In regards to recovery, the organisation can ensure that the data gathered and stored in its database is not lost in the event of failure. Backups can also aid in the strengthening of service continuity. In some situations it is essential that data gathering or analysis operations do not cease, and the ability to build a working tool from a backup (while the issue is being addressed) minimises downtime. Conversely, retention is useful when the organisation needs to check the state of data gathered at a given time in the past.

Once made, the backups themselves must also be secured from natural disasters, fire, vandalism and theft. It is good practice to encrypt backups and duplicate them, keeping one copy on premises, and sending the other to storage at another external location.

Data storage jurisdiction

CiviCRM can be run on a web server managed by your organisation, or by an external hosting provider. When working with issues related to human rights, or if your organisation is gathering sensitive information about a country's government or its officials, it may be important to know where your data is stored. Consider gathering detailed information about where the servers are physically located, and the country whose jurisdiction the data will fall under in case a governmental agency requests information.

Other security concerns

Data may be accessed by unauthorised individuals through a variety of methods, many of which do not directly relate to the CRM's security. Amongst others, the following are areas that should be examined:

Physical access to the server: the building holding the servers should be adequately protected against break-in.
Passwords: an organisational policy should be implemented where passwords are of a sufficient complexity and length (e.g. minimum 8 characters, including letters and numbers), and must not be shared or divulged over insecure communications like email.