Clubessential has designed its systems to provide the highest levels of security for its clients. Security features include:
- Clubessential encrypts usernames and passwords before transmission over the Internet. Without such encryption, hackers armed with "sniffers" can capture usernames and passwords.
- No security "tokens" are passed by way of URL extensions over the Internet (this common practice permits hackers to "roll the tokens" to gain access to private websites) - instead Clubessential takes advantage of .Net features that allow these security items to be kept on the server as "session variables."
- Juniper Netscreen 50 firewalls protect Clubessential's hosting networks from attacks.
- Clubessential has engaged Zyedge, a firm that specializes in network security, to manage the security of it s servers. Zyedge constantly monitors for intruders and newly discovered loopholes.
- The physical hosting facility is hardened and secured well enough that large banks co-locate their servers with Clubessential.
- Transmission of data from clients' servers to Clubessential's servers (for example to support member statement displays) is accomplished using military level encryption.
- SSL encryption is used to safeguard transmission of financial information, such as credit card numbers.
- Symantec Antivirus Enterprise edition protects against virus and other such attacks.
- The Barracuda 600 email appliance filters out Spam, denial of service attacks, and other malicious messages.
- Clubessential's Axis product allows the partitioning of the private side of the website so that only certain groups can have access to see or update particular areas of the website.
Every time Clubessential makes a substantial change to its products, a key consideration is the further strengthening of security. Since Clubessential's rate of development is very high, this means that our security defenses keep pace with the ever changing challenges from malicious hackers over the Internet. |