The My Booking Manager service is PCI-DSS compliant as a Level 2 Service Provider. Security measures for the My Booking Manager system and data storage meet or exceed the requirements set forth by the PCI Security Standards Council for Level 2 Service Providers. Some of the particular aspects of the security measures used are outlined here.
The Data Centre employed by My Booking Manager is a state-of-the-art, private data centre facility located in the USA. The selected centre offers a high level of reliability and performance, providing some of the quickest response times in the industry. As part of the Centre’s security policy, it is manned 24/7/365 by onsite highly trained staff. The Centre’s maintains restricted access to authorized personnel operating under its security policy addressing information security.
Unauthorized logical access and data manipulation is limited via implemented policy and procedures including:
– mixed mode authentication with strong password policy mechanism enforced
– in process multi-factor authentication
– input validation
– restricted permissions
– parameterised commands
– stored procedures
– database error handling unexposed to users
Data transfer between users and the My Booking Manager system occurs using current industry standard security (TLS 1.0 and higher as of 27JAN2017). Clients of My Booking Manager have sole rights and ownership of all client generated data which can be accessed at any time through the system’s management console.