What Does Security Really Mean to Your Success?
Not understanding everything on this page is no crime. Yet, not having it in place could lead to one. Your clients are becoming more attuned to this reality and they're asking tough questions, especially in RFP's. With BackChecked, you'll have all the right answers. That's important.
The Data Center
BackChecked servers are housed in an SSAE16 SOC 2 Type 2 audited data center, located in Phoenix, AZ. The facility is monitored by high-definition cameras and staffed by on-site security personnel 24 x 7. Phoenix is a location favored by global firms. Why? No floods. No ice storms. No earthquakes. No hurricanes.
Access to the server room requires a biometric scan. The servers are mounted in locked cabinets that contain only BackChecked equipment and only BackChecked authorized personnel have access. Servers are further protected by redundant air conditioning, on-site back-up generators and fire prevention systems. Redundant fiber connections from multiple broadband providers ensure continued availability of internet service.
The Servers and Application
The BackChecked application and your data reside on modern high-availability servers, protected by multi-level firewall and intrusion detection technology. Vulnerability scans are conducted on a regular basis by a PCI Approved Scanning Vendor.
Full system backups are performed nightly. Incremental backups are performed on a continuous basis throughout the day. Backup system copies are encrypted and immediately moved to an equally secure facility on a daily basis.
All data transmission to and from the servers is encrypted via SSL Certificates featuring SHA-2 and 2048-bit encryption.
Access, Control and Change History
BackChecked fully supports the Multi-factor authentication requirements of the three major credit bureaus and other providers of sensitive data. The system also enforces the use of strong passwords, login timeouts and password expiration. You control the frequency of each. You can also restrict login and/or access to credit data by IP Address.
You can assign 20 unique user rights to each staff member and 6 unique rights to each client user, enabling an exact match of privilege and responsibility. When necessary, you can immediately deny access to any user without contacting BackChecked.
The system automatically logs all transaction activity by username, providing a complete Change History audit trail that is immediately available to you. So, you will always know who touched each record and exactly what that user did to it.
To learn how these and other features can help to ease the task of achieving PBSA Accreditation, contact BackChecked today.