Secure grants software
Best practice security measures that protect you, your organisation and your program participants. Safe, secure and private.
No credit card required | 14-day free trial | Cancel anytime
One of the most secure grants management software solutions worldwide. If not the most secure.
ISO/IEC 27001 certified
ISO/IEC 27001 is a specification for an Information Security Management System (ISMS), set by the International Standards Organisation (ISO). Good Grants has been independently audited and verified to fulfil the requirements of the ISO/IEC 27001 : 2013 standard. You can be confident your participants’ information remains private, the integrity of this information is maintained and is readily available at all times.
GDPR + CCPA compliant
Good Grants helps you maintain your General Data Protection Regulation (GDPR) and Californian Consumer Protection Act (CCPA) compliance. You can mark fields with personal/sensitive data to apply additional levels of security, manage users with any privacy requests, download user data for information requests or permanently delete a user on request. Your users also have access to consent options and can set their notification preferences at any time.
Good Grants comes standard with multi-factor authentication (MFA) technology and you control which roles are required to use it. Individual users can choose to increase protection of their personal account against unauthorised access by enabling (MFA) as well. The primary authentication method after password is a Time-based One-Time Password (TOTP). Backup recovery methods include recovery codes and SMS.
Good Grants databases are mirrored in real time across separate geographic locations for resilience. Databases are backed up daily and retained for 30 days. Uploaded media is stored in Amazon S3, meaning it is redundantly stored across multiple geographic locations and multiple devices in each location, for ultimate redundancy.
Roles and permissions access control
Good Grants uses a robust and comprehensive system for allocating user roles and associated system use permissions. Your users can only access functionality they’re permitted to, whether they are applicants, reviewers, project coordinators or grants managers.
In keeping with best-practice security, all data at rest (in our databases) is stored encrypted. All data in transit is protected using TLS 1.2 (https) by default, with 256-bit encryption key and SHA-256 signed certificates.
We manage our own server instances on Amazon’s AWS infrastructure. Good Grants accounts are never in a hosted environment shared with other unknown companies or websites. Our multi-server architecture is secured in a Virtual Private Cloud (VPC).
The Good Grants private cloud
Good Grants operates our own high-resilience Virtual Private Cloud (VPC). All our application stack physical infrastructure and data storage is within Amazon Web Services (AWS) data centres in the EU. AWS data centre and network architecture are built to comply with stringent global standards and meet the requirements of the most security-sensitive organisations.
AWS data centres are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilising video surveillance, intrusion detection systems, and other electronic means.