First and foremost: your data is your data.
Funders on Mighty’s platform only have access to their siloed instance of the application and the corresponding data. Furthermore, we provide our customers with the highest standards of data portability, data deletion, and access to continuous data backup.
Mighty is designed with multiple layers of protection to ensure that malicious agents cannot access your data. Here are just a few of the most important technological features we use to keep your data secure:
AWS is the gold standard for cloud-computing and used by Conde Nast, Intuit, NASDAQ, Netflix, Pfizer, and SAP, among other Fortune 500 companies. The Virtual Private Cloud (VPC) is an isolated section of AWS reserved for your information, so your data is always walled off from the rest of the web.
Communications between you and
AWS servers are encrypted via industry standard HTTPS and 256 bit Transport Layer Security (TLS). Your data is encrypted both when it is “at-rest” on AWS servers, as well as when it is being transmitted between the servers and your machines.
We use a PBKDF2 password hasher to securely store users’ passwords on AWS. This is recommend by the National Institute of Standards and Technology (NIST). Attackers would require tens of millions of years of computing time to break our customers’ passwords with known technologies.
The bedrock of the technology and legal controls we put in place to keep your data secure and private is Mighty’s culture of security. We instill the importance of security and best practices across our professional organization.