February 4, 2014 | Sheri Hebbeln
You juggle many responsibilities when running an online wine store. Given the recent incidents with Target and Yahoo! Mail, one of the responsibilities on everyone's mind today is security. When dealing with financial data, it's important to make sure all personal information is protected and that the vendors you entrust with that data are providing world-class security solutions.
At WineDirect and Vin65, nothing is more important to us than the security of our customer’s data.
We take a number of steps to ensure your data remains secure and a few of them are outlined below. Of course, we are always happy to answer questions you may have regarding security so please don’t hesitate to contact the Vin65 support team.
Vin65 is PCI Level 2 certified. PCI Data Security Standards (PCI DSS) are technical and operational requirements for protecting cardholder data and other information used to authorize transactions. Adhering to the PCI DSS is not a single event but rather an ongoing process, and we undergo regular scans by a PCI Security Standards Council approved scanning vendor (ASV) to ensure our platform meets rigorous standards. Along with the testing performed by third parties we select, our customers engage third parties to scan our platform on a daily basis.
How We Monitor for Threats
We regularly monitor our entire platform for intrusions and data breaches, and we perform monthly reviews of all logs. Quarterly network vulnerability scans are performed by Comodo HackerGuardian to ensure our platform, systems, and network are secure against the latest attacks.
Securing Your Data in the Cloud
Cloud computing provides a number of benefits such as reduced capital expenditures, lower IT costs, and importantly, improved security. Economies of scale allow cloud providers to invest heavily in highly skilled security teams and the latest technologies. In fact, the security resources of cloud providers frequently exceed those that organizations can afford independently.
The Vin65 hosting infrastructure is located in the Amazon Web Services (AWS) cloud, which allows us to take advantage of their world-class protection. Their data centers are state-of-the-art and utilize innovative architectural and engineering approaches. Amazon is PCI Level 1 compliant and holds several industry security certifications in addition to that. Because we are an AWS customer, you can rest assured that the Vin65 architecture is built on top of some of the most secure computing infrastructure in the world.
Building Secure Products
From the design phase, to coding and testing, we make sure best practices are incorporated throughout the development of our products. We’ve been an Amazon AWS Partner for more than a year, and we regularly attend their training conferences to ensure our team stays on top of best practices related to data security.
Features You Can Take Advantage Of To Safeguard Your Customer Data
User security within the Vin65 platform allows you to customize permissions by user. Domain admin users have access to all information. They can configure staff as basic admins, granting them access to the specific features required for their roles. Domain admin users can also set user accounts as inactive and change passwords to ensure they are secure. Inactive accounts are automatically deactivated after 90 days.
The Vin65 platform maintains logs of the last person to modify records. We display history for your sensitive order data so that you can review what actions have taken place on each order and create a proper audit trail.