Data Management & PCI Compliance
Robbins provides our clients with end-to-end financial processing. banking solutions, and credit card processing. We process Millions in credit card transactions per year. Because of our high volume of transactions, we must hold the second highest level of Payment Card Industry (PCI) compliance. This requires that we perform advanced data security measures such as server and firewall penetration testing, encryption protocols, backups, Approved Scanning Vendors (ASV) monitoring, and a complete annual audit from a PCI Qualified Security Assessor.
To meet Level 2 PCI Compliance, we have developed strict security protocols and measures. We have installed a robust Meraki Firewall with 2-Tier authentication, daily review of security logs and monitoring regular security updates. As part of Level 2 requirements, we are required to conduct quarterly security scanning of all servers, networks and computers on the network for vulnerabilities, weak configurations or potential exposures. We also conduct regular penetration testing, attempting to break into the Robbins network, to find security holes, and analyze our network environments for possible ways to exploit potential vulnerabilities. We also check our suppliers and equipment providers to ensure they adhere to PCI DSS guidelines.
We have retained the consulting services of VikingCloud for our PCI Compliance review and to develop a roadmap to provide the highest standards in Payment Card Industry Data Security Standard (PCI DSS). Robbins has deployed a VikingCloud external vulnerability scanning service, constantly monitoring our server to ensure it is not exposed to potential attacks. This service meets the highest standards and is certified by the Payment Card Industry Security Standards Council.
Robbins offers a fully cloud-hosted system and service, located on virtualized and dedicated servers within our dedicated data center located in our Victoria offices. All servers have the utmost in data security, backup duplication of the database and our resilient data center with three levels of power and internet redundancy.