Travel Relations LLC - taCONNECT Security

UPDATED AS OF MAY 1, 2018

 

taCONNECT SECURITY

The security of taCONNECT.net is managed on multiple levels. We use security measures to protect against the loss, misuse or alteration of the information under our control. When you enter sensitive information (such as a credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL). User access to Travel Relations/taCONNECT Client services is via HTTPS connections.

Our security is broken down into:

  • HOSTING
  • NETWORK PAYMENT SECURITY
  • USER ACCOUNT SECURITY
  • EMAIL MARKETING (which adheres to the United States CAN-SPAM Act, Canadian Anti-Spam Laws (CASL) and the General Data Protection Regulation (GDPR))

 

HOSTING

Our hosting infrastructure is set up on Amazon AWS and implemented with all the security standards listed below.

Security Groups and Network ACLs
Using Security Groups, we can create firewall rules controlling incoming and outgoing traffic at the instance level. We can restrict traffic by protocol type (TCP, UDP, ICMP), IP address, and port.

Access Control Lists (ACLs) work at the network subnet level. Network ACLs can be especially useful in the prevention of DDoS attacks, when we have a particular need to blacklist traffic from specific IP addresses.


Data Encryption
AWS provides data encryption for EBS volumes, S3 buckets, and Relational Database Service (RDS).

When we create an encrypted EBS volume and attach it to an instance, data on the volume, disk I/O, and snapshots created from the volume are all encrypted. When so configured, AWS encrypts each S3 object with a unique key. Amazon S3 server-side encryption uses one of the strongest block ciphers available: 256-bit Advanced Encryption Standard (AES-256).

RDS generates an SSL certificate for each DB Instance. Once an encrypted connection is established, data transferred between the DB Instance and your application will be encrypted during transfer.

NETWORK PAYMENT SECURITY

Our payment processing infrastructure is secured with Sectigo and Authorize.Net. We and our clients are protected with all the security standards listed below.

Sectigo
Sectigo protects information both online and offline. The transmission of information, including any payment information, is encrypted and protected using Secure Sockets Layer (SSL). By using Sectigo SSL you guarantee the highest possible encryption levels for online transactions. Each SSL certificate is signed with NIST-recommended 2048-bit signatures and provides up to 256-bit encryption of customer data.

Any data you submit to this website over an HTTPS connection will be securely encrypted with the strongest available algorithms. The SSL certificate used by this website carries a $10,000 warranty to further protect customer purchases. By choosing Sectigo SSL, the owners of this website have proven that customer security is their highest priority.

This website uses a Sectigo SSL certificate to secure online transactions for customers.

Authorize.Net
Authorize.Net is committed to safeguarding customer information and combating fraud. We operate with a mission to provide the most secure and reliable payment solutions for you and your customers.

To accomplish this, Authorize.Net dedicates significant resources toward a strong infrastructure, and adheres to both strict internal security policies and industry security initiatives.

With Authorize.Net, your customers can be confident their data is secure. We utilize industry-leading technologies and protocols, such as 128-bit Secure Sockets Layer (SSL), and we are compliant with a number of government and industry security initiatives.

USER ACCOUNT SECURITY

User-level access to taCONNECT services is provided via a username and password selected by the end user. Passwords and credit card numbers are encrypted. User account setup, maintenance, and termination are under the control of the end user.


EMAIL MARKETING

Our email infrastructure is set up on SendGrid, Inc.

SendGrid, Inc.
SendGrid, Inc. is committed to protecting the privacy of the users of the http://www.sendgrid.com web site and the services offered through the Site, including by way of example the email and other communications sent through those services. Additionally, SendGrid adheres to the Safe Harbor Principles as agreed to and set forth by the United States Department of Commerce and the European Union. https://sendgrid.com/policies/privacy

Email Compliance
Travel Relations/taCONNECT follows the rules set by the United States CAN-SPAM Act, the Canadian Anti-Spam Laws (CASL) and the General Data Protection Regulation (GDPR).

All verified contacts that receive email from Travel Relations/taCONNECT or our partners have either agreed to the privacy policy (https://www.taconnect.net/taconnect_privacy_terms.htm) or have personally agreed to the “Expressed Permission” or “Implied Permission” as outlined below.

Every email deployed from Travel Relations/taCONNECT or our partners has an automatic “Unsubscribe” link at the bottom. Any contact that unsubscribes will be immediately removed from future emails.

In order to comply with the United States, Canadian and European Union Spam laws, any email address subscribed follows these rules:

  • Express Permission is when an individual has opted in or specifically requested to get their emails. Some examples of this are:
    • Anyone who goes through a double opt-in or confirmed opt-in process
    • Someone who signs up to receive your emails from our webpage or a partner's webpage
    • People who sign up using a form with the specific purpose of being added to a mailing list
       
  • Implied Permission happens through a client or customer relationship. For example, they may get implicit permission through:
    • The exchange of business cards
    • A verbal request
    • A fishbowl collection where no consent to email is asked