7 Ways We Protect Your DataTLS: Our systems use powerful SHA2 256 2048-bit Transport Layer Security (TLS) to encrypt any data transmitted between us and our users, and between our servers and data centers. It’s as strong as the encryption used by online banks and payment systems, and it ensures that outside parties can’t read or intercept your information.
SSH: The folks on our server support team communicate using Secure Shell (SSH) protocol. SSH is a robust network encryption protocol used to protect login credentials and all other information coming into and going out from our servers.
Physical Security: Both our data center and our head office are private and secure, and have strict multi-layer security protocols including gatekeeping by security officers, visitor vetting and authentication, and badging.
Environmental Controls: Our data center is built to make sure we can keep delivering the best experience to you even if things happen that are out of our control. This includes disaster-compliant construction and architecture, backup generators, high performance HVAC systems, and internal systems to detect smoke, fire, and water.
Malware Protection: We use updated anti-virus software on all relevant platforms.
Data Disposal: We cross-shred sensitive printed information, and irrevocably delete sensitive information that lives on hard drives and other media formats.
Vulnerability Monitoring: We monitor security vulnerabilities as they are identified and are communicated by tech vendors or alerting services. If we find a known vulnerability in one of our systems, we assess it to confirm if it’s applicable to the version of the tech we’re using. After testing, we work to implement vendor-approved patches and upgrades.
Third-Party VendorsWe use reputable third-party vendors to make sure we’re meeting and exceeding information security and data protection policies and standards. These vendors help us stress test our systems with regular penetration testing to search out, identify, and resolve any vulnerabilities with vetted and approved fixes.
When we use these third-party service providers:
- We run data privacy and information security risk assessments on each and every vendor;
- We make them sign confidentiality agreements that include their responsibility to keep your information confidential; and
- We make them use the controls and systems we use in our own work
GDPROn May 25, 2018, the European Union’s General Data Protection Regulation became a game-changing event for many global companies. While this regulation did not directly affect TravelBank, it has had a direct impact on some of our clients.
TravelBank takes the protection of customer’s personally identifiable information seriously. To support our clients, we have and will continue to maintain a formal data protection program with a dedicated Data Protection Officer in place. As we move forward, TravelBank continues to evolve its data protection capabilities to address a dynamic threat landscape.