Secure Channel – SSL/TLS used to encrypt communications channel
Secure Transmission – SFTP used for file transmission
PGP File Encryption – Ensures that file content can only be read by the intended recipient
Database Encryption – Protects sensitive data from being accessed by administrative-only users
Secure Data Facilities – Data stored securely with established hosting providers
Two-factor Authentication – Security token installed on user’s mobile device coupled with password access
Password Policies – Adaptable to the IT policies of each corporation
Access Control – Configurable, role-based access
Audit Trails – Eliminates data tampering concerns through traceable and accountable actions
IP Address Filtering – Additional security measure to restrict access
Digital Signatures – Monetary transactions can be traced and verified, thus avoiding repudiation of approvals
Session Timeout – Reduces exposure to risk of unauthorized access
OWASP Compliance – Protection of application from known vulnerabilities
