take security seriously …

Websites are under constant attack from hackers.  Sites hosting loyalty and incentive programs are prime targets, given they manage the currency of points.   Protecting against those attacks is a critical function of any company hosting loyalty and incentive program websites.

more…

Vanson takes site and data security very seriously.  Our clients’ databases and websites are hosted at secure data centers, with rigorous security controls regulating physical and electronic data access.  Data centers include security measures such as biometrics and the latest electronic access systems.  Access to data centers and client data is granted to Vanson employees on a ‘need to’ basic only.  Regular security audits are conducted at each data center.  Vanson conducts both internal and external penetration testing to detect vulnerabilities and threats, including deep testing of web apps on the perimeter, internal networks, remote and mobile devices, and other instances with authenticated and complex scans.  Our testing seeks to detest OWASP Top 10 risks such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and invalidated direction.  We also test using WAS’ SOAP and REST API scanning capabilities. 

Vanson also deploys a confidential disaster recovery (DR) plan.  Vanson complies with standards for PCI DSS, HIPAA, Sarbanes-Oxley, and other regulations as needed.