June 21, 2018
Behind the Scenes: 3 Ways KUBRA Ensures Client Data is Secure
We all know what Target, Saks Fifth Avenue, and Forever 21 have in common, and it isn’t that they sell our favorite things. Each of these companies have had their customers’ payment data compromised in a security breach, a situation all too common today.
Did you also know that utilities rank among the top five industries most at risk for cyber attacks? A not-so-surprising fact considering the amount of cardholder data that is stored to process utility payments. With so many payment solution providers throwing around terms like “end-to-end protection” and “PCI compliant,” how can you know who to trust to keep the personal information of your customers safe?
Here are three main ways KUBRA is keeping client data secure at all times.
Every Transaction is Encrypted
At KUBRA, payment transactions are always encrypted whether the data is in transit or being stored for processing. Data encryption is a simple concept with a lot going on behind the scenes. Encryption is the process of encoding a message or information in such a way that only authorized parties can access it. The intended message, referred to as plaintext, is encrypted using an algorithm, referred to as a cipher, that can only be read if decrypted.
As cyber criminals get more advanced, the cipher used for encryption can become vulnerable and therefore requires consistent updates. KUBRA will implement the most secure protocol ciphers suggested by PCI to stay ahead of vulnerabilities to existing ciphers being utilized. Going beyond the PCI expectations of quarterly cipher scans and utilizing the TLS 1.1 version deemed “good enough,” KUBRA will scan and update ciphers weekly, and use the most advanced TLS 1.2 version because our clients deserve better than just “good enough.”
IP Reputations are Always in Check
IP address reputation checks play a role in interactions with clients and their end-customers. IP address stands for Internet Protocol address, which is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. It serves two main functions: host or network interface identification and location addressing.
When a network has been infected with a virus, malware, or other type of attack there are always subtle signs that indicate a change has occurred. At KUBRA, we employ advanced tools that quickly detect irregular activities, tag the IP as “bad reputation,” and stops the connection to the KUBRA network right away. In most cases, KUBRA will recognize when a computer has been attacked sooner than the computer user.
Continuing to go one step further to ensure the utmost security, KUBRA institutes IP filtering to reduce attacks from regions that KUBRA does not normally receive traffic from.
A Zero Day Response Policy
Security at KUBRA starts internally. Every employee computer undergoes regular updates and patches to ensure that internal systems are up to date with the latest security tools. Some companies establish weekly or monthly updates but, staying true to our reputation, KUBRA institutes checks for employee computer updates every four hours, shares the update internally, and instantly implements the update into the employee computers. In addition, similar to the IP reputation check, internal behavioral analysis tools are designed to detect changes in employee computer behavior, as well as other changes in patterns, to prevent the spread of computer viruses that can lead to full-scale attacks.
At KUBRA, our security measures go beyond common terms. We actively employ the most secure methods because the trust of our clients and the security of their customers’ data has and always will be a top priority.
For more information about data breaches in the United States, see our recent infographic, “The True Impact of a Data Breach” here.
Contact us to learn more about KUBRA’s secure billing and payment solutions.
- SSIC. 2018 Predictions: A New Era of Security or More of the Same?
- KUBRA Security