Execu/Tech Systems, Inc.
Knowledgebase
Search:
850-747-0581 Email Website
Contents
 
:
IndexBookmarkPrint This Article

Home > System Requirements > Data Security

Data Security

Execu/Tech Systems is not an IT or data security company. You are encouraged to seek advice from experts in these fields to determine the best practices for your company.

 

Antivirus

 

A quality antivirus should be used on the clients and servers. Here are some things that will reduce the risk of your antivirus application negatively affecting the performance of the Execu/Tech software:

  • Don't let the antivirus at the client and server scan the same files. This is a guaranteed way to slow down network traffic.
  • Don't live-scan files with these extensions:

    .fil (these are data files, not executables)

    .txt (these are plain text files used for a variety of reasons, including text logging)

  • There are many .exe, .dll, .ocx, .vbs, .js, etc. files that can be live-scanned and will produce minimal delays.

GDPR Concerns

Wikipedia information

For customers concerned about the European Union's General Data Protection Regulation (GDPR), here is some information that should help you determine if Execu/Tech's software fits within your compliance plan:
  • Guest data is stored in an encrypted database.
  • NEVER enter a guest's personal information into a field not designed for it. This includes names, addresses, phone numbers, email addresses, birth days, etc.
  • NEVER enter credit card information into a field not designed for it.
  • To limit access to guest's personal data, be sure that all employees have their own login IDs and passwords and that these login credentials aren't shared. Not only will this help limit access to this data, it also allows the software to determine who has accessed the data.
  • Guest's information 
  • Backup archives of the database are again encrypted and password protected on the PMS server.
  • Backup archives are transmitted over a secured connection to the Execu/Tech cloud storage. 
  • Backup archives are stored in the Execu/Tech cloud storage are on Bitlocker encrypted drives.
  • Backup archives are only accessible to Execu/Tech staff, the backup application on the customer's server or via as-needed temporary FTP access provided to the customer or their approved IT professional.
  • Backup archives are stored for 7 days, one for each day of the week. This means that if a guest requests that their personal information be removed from the database, it will take 7 days for this to be reflected in the archives, as a new backup archive which no longer contains this data replaces the older archives.

 

Credit Card Data

 

Execu/Tech software DOES NOT store sensitive credit card data unless the software is misused.

  • DO NOT enter credit card data into notes, comments, or any other field not used to process credit card data.
  • ONLY enter credit card data into fields provided for secure processing of credit cards (this only applies to customers with integrated Credit Card Processing.) The methods used by Execu/Tech to process credit card transactions places its software outside the scope of PCI.

 

Security Guidelines

 

While Execu/Tech software encrypts guests' information, you should still follow industry standard guidelines to ensure better data security. Here are a few guidelines:

  • Your business network should be separate from the guest network.
  • If possible, use separate internet connections for the business and the guests. 
  • Use PCI minimum recommendations for Windows User Passwords.
  • Use a reputable Antivirus application and keep it updated.
  • DO NOT allow guests or any other unauthorized person to access a computer that also has access to the business network. 
  • Limit the staff's access to the internet to only essential sites. 
  • When possible, we recommend using BitLocker or similar technology to secure your data. 
  • If you require encrypted data transmission, use a reliable VPN connection between the client and server.
  • If you're using Microsoft's RDS, be sure to use an SSL to encrypt the session.
  • There are many other steps you can take to ensure the security of your computers, network and data and you should consult with experts to be sure you are doing all you can do.

 

Back to top


See also: Guest Opt-Out





Article ID
 data_security
Views
 4178
Last Modified
 10/1/2024 4:11 PM