 |
|
| Data Security And Reliability Information |
|
Overview of Data Security Processes
SpeedChex is an online based system used to collect, process and ultimately submit electronic checks as ACH transactions through the Federal Reserve. For this system to be secure and reliable, there are two main areas that must be dealt with.
First, this is a financial system that receives, transmits, and stores bank account information that belongs to both individuals and to businesses. Thus, it must have the highest levels of protection at all times.
Second, merchants and their customers depend on this system to be reliable - so it must be always available and must respond quickly to all interactions.
To address these areas, a great deal of time and money have been invested in the hosting facility, infrastructure, systems monitoring and security.
Facilities
The SpeedChex data center is located in one of the most advanced hosting facilities in the world. The Dallas InfoMart was designed specifically for telecommunication providers, Internet data centers, and other high-end technology companies requiring redundant high-speed connectivity.
Hospital-grade electrical power is supplied to the building by three independent Texas utility stations. The hosting facility is further equipped with industrial-grade uninterruptible power supplies in case of the unlikely event that a serious catastrophe occurs. The SpeedChex servers themselves are
also supplied with an independent uninterruptible power supply in case of localized power problems.
The building also includes other important security features including 24/7 surveillance; protection by security guards and a state-of-the-art fire suppression system.
Infrastructure
The Internet data center that provides hosting for the SpeedChex servers features multiple tier-1 network connections to three different Internet backbone providers. If a problem occurs with any single network connection, traffic is re-routed onto the other redundant connections until the problem is resolved.
The SpeedChex servers are connected on their own private 100Mbps Fast Ethernet network. A state-of-the-art firewall system protects the entire network from unauthorized access and hacking attempts.
Server redundancy and other important fail-overs have been implemented on the entire system. As an example, each server is equipped with multiple hot-swappable hard drives in standard RAID configuration to keep the servers running in case of any single hard drive failure.
Monitoring
The fully staffed Network Operations Center has trained system administrators on duty 24 hours, seven days a week. These professionals monitor the Internet connectivity and traffic for any disconnections, bottlenecks, or slow-downs that require fixing. They also perform systems maintenance as needed and ensure the servers
are operating at maximum efficiency and availability.
To help with the detection of potential or real problems, each server is equipped with internal software that monitors the entire SpeedChex system and immediately notifies the support professionals when a problem is detected or a potential problem needs to be addressed.
Physical Security
Security guards provide protection for the facilities 24 hours a day, seven days a week by restricting access through a reception area, making physical patrols and monitoring a closed circuit video surveillance system
Any person wishing to gain access to the servers must use photo ID, an electronic access badge, and keys to gain access through alarmed doors, closed-circuit monitors, motion detectors, and key locks.
Data Security
The SpeedChex servers are protected by a Linux-based firewall system that has been custom configured to the highest security specifications. Security breach attempts are monitored and reported. The operating systems are kept up-to-date with the latest security patches issued by the OS makers.
All transaction data sent to and from the SpeedChex servers are secured during transmission using 128-bit SSL encryption verified by Thawte, a VeriSign subsidiary. Data is backed-up daily to ensure protection in case of catastrophic system failure.
And finally, every merchant and processor that is granted Internet access to the SpeedChex servers is assigned a unique ID, login name, and password that must be included as part of each data packet sent to the servers. An IP filtering scheme is used to ensure that transaction packets are only received and processed if the IP address of the computer system sending the transaction fits into the IP address range specified in the merchant’s or processor’s security profile.
Conclusion
Although much effort has been made to ensure the security and reliability of the SpeedChex system, these issues will remain as an ongoing priority for the SpeedChex system designers and support teams. Any new technologies that evolve in these areas will be evaluated and the best ones will be incorporated to make the SpeedChex system even better for the future.
|
|
