Peninsula Visa Inc. has partnered with Armor Defense Inc. for the secure hosting of our clients data. Armor Defense Inc.’s servers are hosted at Tier III, SSAE-16 SOC 2 and PCI DSS compliant facilities. Our cage space within Armor Defense Inc.’s data center is located in the US and logically separated from other data center customers. The co-location facilities are powered by redundant power, each with back up generators.
Armor Defense Inc.’s data center facilities feature a secured perimeter with multi-level security zones, 24/7 manned security, CCTV video surveillance, multi factor identification with biometric access control, physical locks and security breach alarms.
All systems are constantly monitored by Armor Defense Inc.
Peninsula Visa Inc. utilizes Armor Defense Inc.’s US based data centers.
Dedicated Security Team
Our Security Team is on call 24/7 to respond to security alerts and events.
Our network is protected by redundant layer 7 firewalls, best-in-class router technology, secure HTTPS transport over public networks, regular audits, and network intrusion detection/prevention technologies (IDS/IPS) that monitor and block malicious traffic and network attacks.
Armor designed its ISM based on the concept of defence in depth with its primary purpose being to provide the best possible security and risk mitigation for customers transacting sensitive information over the Internet. The ISM currently includes three primary layers: perimeter, host and access. These layers are integrated and designed to support and augment each other; allowing Armor’s SecOps team to provide a comprehensive managed security solution to its customers.
All of the Armor security services and tools are used to provide both preventative and detective measures that, when taken together, provide situational awareness to the SecOps team; allowing them to deliver the targeted security outcomes of minimal dwell time and very low attack to compromise ratio. Combined with a rigorous patching process Armor has achieved an industry leading low number of Points of Risk (POR).
Network Vulnerability Scanning
Network security scanning gives us deep insight for quick identification of out-of-compliance or potentially vulnerable systems.
Third-Party Penetration Tests
In addition to our extensive internal scanning and testing program, each year Peninsula Visa Inc. employs third-party security experts to perform a broad penetration test across the Peninsula Visa Inc. Production Network.
Security Incident Event Management (SIEM)
A security incident event management (SIEM) system gathers extensive logs from important network devices and hosts systems. Thel SIEM creates triggers that notify the Security team based on correlated events. The Security team responds to these events.
Intrusion Detection and Prevention
Major application data flow ingress and egress points are monitored with Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS). The systems are configured to generate alerts when incidents and values exceed predetermined thresholds and uses regularly updated signatures based on new threats. This includes 24/7 system monitoring.
Threat Intelligence Program
Peninsula Visa Inc. participates in several threat intelligence sharing programs. We monitor threats posted to these threat intelligence networks and take action based on our risk and exposure.
Armor deploys redundant, multi-stage DoS/DDoS mitigation systems within its infrastructure that provide early detection and mitigation for these types of attacks. The currenttools in place include Packetdam and Arbor appliances. Thresholds are set in Packetdam that automatically trigger blackholing of DoS traffic in excess of 1Gbps and alert our NetOps team to the issue.
Access to the Peninsula Visa Inc. Production Network is restricted by an explicit need-to-know basis, utilizes least privilege, is frequently audited and monitored, and is controlled by our Operations Team. Employees accessing the Peninsula Visa Inc. Production Network are required to use multiple factors of authentication.
Security Incident Response
In case of a system alert, events are escalated to our 24/7 teams providing Operations, Network Engineering, and Security coverage. Employees are trained on security incident response processes, including communication channels and escalation paths.
Encryption in Transit
Communications between you and Peninsula Visa Inc. servers are encrypted via industry best-practices HTTPS and Transport Layer Security (TLS).
Encryption at Rest
Peninsula Visa Inc. supports encryption of customer data at rest.
Availability & Continuity
Peninsula Visa Inc. maintains a publicly available system-status webpage
that includes system availability details, scheduled maintenance, service incident history, and relevant security events.
Our QA department reviews and tests our code base to identify, test and triage security vulnerabilities in code.
We utilize separate environments to develop, test each module exhaustively before migrating to our production environment.
Secure Development (SDLC)
Configurable Password Policy
Peninsula Visa Inc. provides only one level of password security: high. Peninsula Visa Inc. allows you to set high password security level through our company Portal.
Secure Credential Storage
Peninsula Visa Inc. follows secure credential storage best practices by never storing passwords in human readable format, and only as the result of a secure, salted, one-way hash.