Security

Last Updated: March 6, 2026

Our Commitment to Security

At Shelter Sense, we take the security of your data seriously. We understand that animal shelters entrust us with sensitive information about animals, staff, volunteers, and operations. This page outlines the comprehensive security measures we have implemented to protect your data and ensure the integrity and availability of our service.

Data Encryption

Encryption in Transit

All data transmitted between your browser and our servers is encrypted using the industry-standard Transport Layer Security (TLS) 1.3 protocol. This ensures that:

  • All communications are encrypted and cannot be read by third parties who intercept them
  • Data integrity is maintained during transmission
  • Authentication ensures you're connecting to our legitimate servers

Encryption at Rest

All sensitive data stored in our databases is encrypted at rest using AES-256. This includes:

  • User account credentials (hashed using bcrypt)
  • Payment information (we never store full credit card details)
  • Sensitive animal and shelter records
  • Database backups

Infrastructure Security

Hosting and Data Centers

Shelter Sense is hosted on secure, enterprise-grade cloud infrastructure with:

  • 24/7 physical security monitoring
  • Redundant power and network connectivity
  • Geographic redundancy for disaster recovery
  • SOC 2 Type II certified data centers
  • Regular hardware security updates

Network Security

Our network infrastructure includes multiple layers of protection:

  • Distributed denial-of-service (DDoS) protection
  • Web application firewalls (WAF)
  • Intrusion detection and prevention systems
  • Network segmentation and isolation
  • Regular security vulnerability scanning

Access Controls

Authentication

We implement robust authentication mechanisms to ensure only authorized users can access the system:

  • Secure password requirements (minimum length, complexity)
  • Password hashing using bcrypt with salt
  • Session management with secure tokens
  • Automatic session timeout after inactivity
  • Account lockout after failed login attempts

Authorization and Permissions

Shelter Sense implements role-based access control (RBAC) to ensure users only have access to the data and functions they need:

  • Granular permission levels for different user roles
  • Organization-level data isolation
  • Audit logs of user activities and data access
  • Administrative controls for user management

Internal Access Controls

Access to our production systems by Wilkins Software employees is strictly controlled:

  • Principle of least privilege for all staff access
  • Multi-factor authentication (MFA) required for all administrative access
  • Comprehensive logging of all administrative activities
  • Regular access reviews and audits
  • Immediate revocation of access upon employee termination

Security Monitoring and Testing

Continuous Monitoring

We maintain 24/7 security monitoring to detect and respond to potential threats:

  • Real-time alerting for suspicious activities
  • Automated threat detection and response
  • Security information and event management (SIEM)
  • Regular log analysis and correlation

Vulnerability Management

We proactively identify and address security vulnerabilities:

  • Regular security assessments and penetration testing
  • Automated vulnerability scanning of all systems
  • Dependency scanning for third-party libraries
  • Prompt patching of identified vulnerabilities
  • Security testing as part of our development lifecycle

Code Security

Security is integrated into our development process:

  • Secure coding standards and guidelines
  • Code review process with security focus
  • Static application security testing (SAST)
  • Dynamic application security testing (DAST)
  • Regular security training for developers

Incident Response

Security Incident Management

We have a comprehensive incident response plan in place to quickly address any security incidents:

  • Documented incident response procedures
  • Designated security response team
  • Rapid containment and remediation processes
  • Post-incident analysis and improvement
  • Notification procedures for affected users

Data Breach Response

In the unlikely event of a data breach, we commit to:

  • Immediate investigation and containment
  • Prompt notification to affected users
  • Transparent communication about the incident
  • Cooperation with relevant authorities
  • Implementation of measures to prevent recurrence

Data Backup and Recovery

We maintain robust backup and disaster recovery procedures:

  • Automated daily backups of all data
  • Encrypted backup storage in geographically separate locations
  • Regular backup restoration testing
  • Point-in-time recovery capabilities
  • Documented disaster recovery procedures

Compliance and Certifications

Shelter Sense is committed to meeting industry security standards and regulations:

  • GDPR compliance for data protection and privacy
  • CCPA compliance for California residents
  • Regular security audits by independent third parties
  • Adherence to OWASP Top 10 security best practices
  • SOC 2 Type II compliance (in progress)

Third-Party Security

We carefully vet all third-party services and vendors:

  • Security assessment of all third-party integrations
  • Use of reputable, security-certified vendors
  • Contractual security and privacy requirements
  • Regular review of third-party security practices
  • Minimal data sharing with third parties

Employee Training and Awareness

Security is a priority for all Wilkins Software employees:

  • Regular security awareness training for all staff
  • Specialized security training for developers and operations teams
  • Phishing simulation exercises
  • Security incident reporting procedures
  • Confidentiality and data protection agreements

Responsible Disclosure

We welcome reports of potential security vulnerabilities from security researchers and users. If you discover a security issue, please report it responsibly:

  • Email security reports to: security@wilkins.software
  • Provide detailed information about the vulnerability
  • Allow us reasonable time to address the issue before public disclosure
  • Do not exploit the vulnerability or access user data

We commit to:

  • Acknowledge your report within 48 hours
  • Provide updates on our investigation and remediation
  • Credit you for the discovery (if desired) once the issue is resolved
  • Not pursue legal action against good-faith security researchers

Your Role in Security

Security is a shared responsibility. You can help protect your account and data by:

  • Using strong, unique passwords
  • Not sharing your login credentials
  • Logging out when using shared computers
  • Keeping your contact information up to date
  • Reporting suspicious activities immediately
  • Educating your staff and volunteers about security best practices

Questions About Security

If you have questions about our security practices or concerns about the security of your data, please contact us: