How to Keep Your Store-Specific Data Safe and Secure
October 4, 2021 by Craig Hoss – When thinking about your store-specific profile data or single source of truth, ensuring that this invaluable data is housed securely will always be top of mind for your IT team. In honor of October being recognized as National Cyber Security Awareness Month (NCSAM), in collaboration between the U.S. Department of Homeland Security and the National Cyber Security Alliance, let’s take a look at the importance of cybersecurity in retail platforms.
For example, the AccuStore Software-as-a-Service (SaaS) platform runs on infrastructure housed in Microsoft Azure SOC 2 Type II certified data centers, which leverages world-class 24/7/365 security controls. These data center control specifics include:
Main access to the data center facilities are restricted to a single point of entry that is guarded by security personnel. The main interior or reception areas have electronic card access control devices on the perimeter doors, which restrict access to the interior facilities. Rooms within the data centers that contain critical systems such as servers, generators, electrical panels and network equipment are restricted through various security mechanisms, such as electronic card access control, keyed lock on each individual door, mantraps, and biometric devices.
Physical entry is restricted, and access is tracked using a ticketing system. Badges are either issued or activated for personnel requiring access after verification of identification. The Data Center Management team is responsible for reviewing data center access on a regular basis and for conducting a quarterly audit to verify individual access is still required.
Data center surveillance systems monitor critical data center areas such as the main entry/exit, data center co-locations entry/exit, cages, locked cabinets, aisleways, shipping and receiving areas, critical environments, perimeter doors and parking areas. Surveillance recordings are retained for 90 days or as the local law dictates.
AccuStore Software-as-a-Service Platform
The AccuStore platform itself is protected by best-of-breed security appliances and software solutions. In additional to these safeguards, AccuStore employs the following security features:
- OAuth2 Standard/SAML 2.0 for Single-Sign-On Authorization and Authentication
- Advanced Permission Controls
- Data is fully encrypted in transit and at rest
- Backups are fully encrypted
- Transport Layer Security (TLS) for e-mail transmissions
Every retail partner that relies on the AccuStore platform receives peace of mind that their data is safely transmitted, managed and stored. If you’re a current customer with questions about any of the security measures mentioned, feel free to contact your AccuStore account manager. If interested in learning more about our store intelligence SaaS solution, contact us for additional information.
About Craig Hoss
Craig has served as chief technology officer of AccuStore, a GSP Company, since 2016. He brings extensive experience transforming organizations across multiple industries that range in size from start-ups to Fortune 100 companies, including Microsoft and Lucent Technologies. Prior to joining AccuStore, Craig served as chief information officer for Healthesystems, leading a team of 150 technology professionals.