Looking for your account? Log in

Church Database Security
A safe, secure and reliable Church management system, built and hosted in the UK.

Keep your church data secure with ChurchSuite


Running on dedicated hardware with UKFast and Amazon's UK AWS cloud platform, with multiple links directly to the backbone of the UK's internet infrastructure, ChurchSuite is available when you need it, whenever you need it.


Hosted in a secure UK data centres, ChurchSuite is backed up daily and protected by 24/7 physical security access control, fire suppression and redundant power failure systems.


With SSL encryption, encryption at rest and state-of-the-art physical security at our data centres, ChurchSuite keeps your data locked away from prying eyes. All data is encrypted at rest.


ChurchSuite email support is provided by the same team of developers that built it, meaning you're guaranteed to be helped by one of our team of experts, every time.


In order to ensure your ChurchSuite data is 100% safe, dual backups are performed on a daily basis to separate physical servers in different locations across the UK.


ChurchSuite builds on years of experience with web applications and runs on modern, high-capacity hardware, ensuring peak performance for all your users.

How can you be sure ChurchSuite is 'reliable'?

ChurchSuite runs in a data centre connected by multiple links to what is considered the centre of the UK's internet infrastructure, Telehouse London, as well as to the Manchester data network. This means that if one internet connection goes down, ChurchSuite will still be available and unaffected.

How are you able to keep ChurchSuite 'secure'?

All of ChurchSuite uses SSL encryption, meaning that all the data passing between your computer and our servers does so using 256-bit military grade encryption, making it nearly impossible for anyone else to see what you're sending. SSL is an industry standard technology and one you're probably familiar with if you use online banking; it's the same technology used by all the major UK and international banks.

In addition to this, all of our servers are UK-based and hosted by either UKFast or Amazon's AWS cloud platform - some of the UK's leading data centre providers. Each of these data centres has achieved ISO 27001 certification, which aims at reducing the risk of breaches in the confidentiality, integrity or availability of data to a minimum.

On top of this, we've implemented a number of procedures and used a variety of technologies to help ensure that ChurchSuite is as secure as possible:

  • Access to our production servers is only available to a very small number of pre-authorised computers in our offices (enforced by RSA keys).
  • We undergo penetration testing by a CREST approved organisation. No compromises have ever been found through penetration testing.
  • We run security scanning software within a sandbox environment that checks for and warns us of common vulnerabilities such as SQL injection and XSS attacks, amongst others.
  • Automated testing operates within our development team, helping us to identify whether changes made to the software yield the expected results. If the automated tests fail, the developer is notified, allowing them to fix the bugs before they're pushed to our production environment.
  • We use dedicated servers that are used exclusively by ChurchSuite. Our server space is not used by any other organisations.
  • Each church has its own database, ensuring that each church's data is segregated from others.
  • User passwords have minimum length and strength requirements. When stored on the server, we use a one-way password hashing algorithm (based on the Blowfish cipher), with a variable salt which ensures that it is not susceptible to a hash table attack.

How safe is 'safe'?

The data centre used by ChurchSuite uses state-of-the-art security and meets some of the strictest of industry security requirements in order to have achieved ISO 27001 certification. Add to that our dual backup procedure to multiple locations, where data is encrypted at rest, and you can be assured your data is in good hands.

All data on the servers is encrypted at rest and server access is limited to only ChurchSuite employees - we never give our server passwords to anyone else. We also use dedicated hardware or exclusive-access virtual machines, and therefore no one else even comes close to your data.

What do you mean when you say 'backups'?

A backup is a copy of the data within your ChurchSuite account, and is taken in case of a catastrophic hardware failure or natural disaster (both of which are highly unlikely but we believe it pays to be prepared for the worst). Your ChurchSuite account is backed up in three separate ways:

  1. Firstly, the ChurchSuite server runs what is called RAID, where two identical hard disks mirror each other. If one hard disk fails, the secondary hard disk takes over, and no data is lost in the process.
  2. Secondly, a nightly incremental backup of the entire server is kept in the same data centre as the ChurchSuite server, allowing rapid recovery in the event of a major hardware failure.
  3. Finally, a secure incremental off-site backup is kept in a separate secure location. This backup would be used for data recovery in the event of a major natural disaster.

We retain a rolling 30 day backup cycle, which exceeds the industry standard of just 7 days.

Try ChurchSuite free for 30 days - just 60 seconds to sign up.

Free trial