Security Policies & Procedures

Details about our Protocols and Policies…

Our appointed Office Security Officer is Joseph Young.  He can be reached at (800) 538-1556, Extension 13.

Our computers and programs and internet access to secure servers are all protected by passwords that are changed a minimum of every 90 days.

No consumer credit card or bank account information, nor social security or drivers license numbers are stored on our server

We do not disclose any credit card information or other non public information to anyone until they have satisfactorily identified themselves and the reason for their inquiry as legitimate and deemed authorized to receive said information

We do not email non public personal information about you or your business.  We do not share your information with unauthorized third parties.

We have other extreme security measures in place that cannot be revealed for the very reason that they exist.

Social Media Policy:

Employees may access social media sites during work hours if using for work-related purposes. However certain rules do apply to such access. Social media usage during non working hours are restricted only in circumstances that directly affect On-Line Credit Card Services. If an employee misuses social media and/or violates the social media policy, he or she will be subject to discipline, which could include termination.

All previously stated restrictions relative to disclosure of non public information for both merchant customers and also for other employees is fully in effect, whether on social media site for company OR personal use.

Company email is prohibited for personal social media login.

All other policies as expressed in the employee handbook also apply on social media sites, such as the sexual harassment policy.

References to incidents relative to merchant customers, especially by name, are not allowed on personal social media sites.

Further Security Measures:

The following items are reviewed periodically as indicated. Further information is tracked via logs where appropriate.

Confirmation of all merchant service providers PCI Compliance checked annually.

Anti-virus audit logs are reviewed monthly.

Internal network scans are done quarterly and must receive a passing result. This may be done electronically or by a physical inspection of all access points.