The Technology behind Fellowship One, a Web-Based Church Software Solution

Fellowship One is developed with a business mindset using enterprise-level technologies. Why is this so important to understand? The term "church technology" would probably be considered an oxymoron. Traditionally, church software often lags behind business and technology trends by at least 5 to 10 years. Shouldn't the church be given the opportunity to leverage the best that the world has to offer in order to fulfill the Great Commission?

Maintaining a Software as a Service (SaaS) with high availability is something that Fellowship Technologies considers absolutely vital to its success. Our company is concentrated on the maximum availability of our systems to our partner churches and the highest levels of security to keep their information safe and secure.

Where is the hardware located?

Fellowship Technologies owns and operates its own servers located in a world class data center called The Planet. We currently have more than 40 different servers and network equipment actively being utilized to run the Fellowship One application suite. The Planet provides a hardened facility, secure physical and network infrastructure, and multiple levels of redundancy for electrical power and Internet connectivity. Their facilities are rated to withstand an F5 tornado; an F5 has wind speeds up to 318 mph. In contrast, a Category 4 hurricane, such as Hurricane Katrina in 2005, had wind speeds up to 155 mph.

For more information on The Planet’s facilities and operations you can visit their DataCenter overview.

Is it reliable?

Our infrastructure consists of many different layers of redundancy to ensure maximum availability. Redundancy refers to having two or more of the same servers or devices performing the same function. In the unlikely event of a failure the system remains operational because the secondary device or server can temporarily take over the load.

The Planet provides redundant electrical power and Internet connectivity. Fellowship One has built-in redundancy throughout the hardware and software components of the entire solution.

• Network Redundancy - Our architecture offers complete redundancy throughout, including the data switching hardware, firewalls, and load balancers. This assures uptime in the event of failure as well as enough capacity to maintain performance levels.
• Server Redundancy - Each tier of the application resides on duplicate servers offering failover that is independent of each member server in the tier and independent of the Directory Services that secure and manage the network. Hardware load balancers are constantly testing to make sure that connectivity is available to these various tiers and immediately reroute traffic in the event of a failure.
• Data Redundancy - The application database is stored on many, many redundant drives within the servers configured in a cluster. This architecture has the ability to keep running in the event of multiple failures to either drives and/or processors..

Is it Secure?

• Physical Security - All of our equipment and data is located within The Planet, which has guard controlled access to the facilities to ensure only authorized personnel can enter. And our servers are located within a private locked cage which is monitored 24x7 with an array of security cameras.
• Network Security - The entire network is protected by firewalls and monitored by intrusion detection systems. Inside the firewalls, the systems are safeguarded by multiple network address translation, port redirection and other IP addressing schemes. Fellowship Technologies proactively monitors and analyzes all system logs to identify security threats.
  
  Additionally, our data center utilizes systems for Intrusion Detection, Distributed Denial of Service, and many other external threats.
  
  Lastly, we employ a company called ScanAlert to proactively test our network vulnerabilities. They test our sites daily to ensure we pass the FBI/SANS Internet Security Test. Their "live" HACKER SAFE mark appears only when a web site's security meets the highest security scanning standards of the U.S. government, Visa, MasterCard, American Express, Discover and JCB.
• Application Security - Our integrated application security architecture allows administrators fine-grained control over what each user can see and do. Additionally, countermeasures to application-level threats such as buffer overflow, cross-site scripting, SQL injection, and canonicalization have been addressed in Fellowship One.
• Data Security - Fellowship One uses the strongest encryption products to protect customer data and communications. All data transferred over the network uses SSL encryption backed by 128-bit GeoTrust digital certification. Users can only access Fellowship One with a valid username, password and church code combination, which are encrypted via SSL while in transmission and encrypted within the database as well. All data entered into and stored within Fellowship One by a customer is owned by that customer. That means no one, not even Fellowship Technologies employees, has access to your data unless authorized by you.
• Visa PCI Compliance - In addition to the many different security measures we take, we completed Visa’s Payment Card Industry (PCI) data security compliance audit. The PCI standards cover everything from network security, to application security, to background and credit check screening of our employees.
• Backups - All customer data, up to the last committed transaction, is automatically backed up to disk and tape. Backups are stored offsite to allow full recovery in case of disaster. At least six different copies of the data, in a combination of formats both on-site and off-site, are kept to ensure that any data failure can be fully recovered in a timely manner.