Security is one of the major issues associated with deploying services on the Internet. ekit.com, the provider of the STA Travel Connect service, takes its security responsibilities very seriously and has employed a number of technical staff who are experienced in implementing and managing secure Internet services. This document provides an overview of the security that is incorporated into the setup and design of our services.
All ekit.com services are deployed using the same trusted design. The design calls for:
To support our services there is security at four levels:
To protect each of the four levels (routers, firewalls and Internet-visible/invisible servers) from attack we
Every connection made between the Internet and our Internet-visible servers, and from our Internet-visible servers to our Internet-invisible servers, is checked by IP filtering to ensure that only correct connections are made.
The Internet-invisible servers run our databases, administration, email system, and voice mail system. Access to these servers is allowed only from the controlled services running on the Internet-visible servers, which maintains the security and integrity of your data.
Whenever ekit.com exchanges sensitive information (recharge, PIN, Travel vault) with our customers over the Internet, we use secure connections via SSL (Secure Sockets Layer). This ensures that all the data is encrypted during transit over the Internet. This means that if a hacker intercepts the data, they will find it almost impossible to decrypt and read.
We also encrypt all sensitive information about our customers before storing it in our database. This ensures that if a hacker obtains the encrypted data from our database, they will find the data almost impossible to decrypt and read. The Travel Vault is an example of customer sensitive information; see the Travel Vault FAQs for more details.