The think security framework
Deploying a mixture of initiatives ensures the very best in security


INFRASTRUCTURE SECURITY

think's infrastructure is housed in dedicated monitored facilities over multiple geographical locations.

  • think's partitioned networks are protected by the latest firewall technology.
  • All transactional data and API is encrypted at a minimum of 128 bits in messaging formats such as SSL and PGP.
  • think deploys regular security patches and updates on all hardware.
  • Security settings on think's hardware is tuned to ensure the appropriate level of security.

ORGANISATIONAL SECURITY

think's staff are mandated to adhere to the think security policy.

  • Only think staff with appropriate security levels have access to sensitive information and data.
  • Logs of staff access are maintained and review on a regular basis.
  • Security audits are conducted regularly by accredited, external experts.
  • Documented incident rapid response plans are in place and scenarios are run regularly.
  • Regularly expiring passwords and strong password controls are required for all system administrators.
  • Considered security procedures and policies are documented and reviewed regularly.

APPLICATION SECURITY

Best practice methodologies are deployed by think's software development teams.

  • Storage of card information and transactional data is not permissible on local devices.
  • All development must pass the strictest testing regime.
  • think follows industry standard practices for security such as OWASP.
  • Development for card processing software complies with the latest security standards.

Interested in something?
Get In Touch