The Orvis Company is a 162-year-young outdoor retailer, adventure travel coordinator, and conservation advocate headquartered in the old New England town of Manchester, Vermont, with major operations in Roanoke, Virginia and the United Kingdom. Reflecting its New England roots and founder Charles F. Orvis, the management team places high value on customer service; integrity, mutual respect, praise and recognition of employee associates; highest quality goods and services; and sporting traditions that promote the conservation of natural resources. These core values permeate every operation at Orvis, including the information technology and data security team.
Orvis’ Chief Information Security Officer Tyson Martin understands the responsibility of maintaining the trust that Orvis customers have in not only the company’s many products and services, but that their personal information is safe from data breaches and theft. The ongoing reports of data breaches in the last few years and the resulting damage to brands, management, and customer trust initiated a thoughtful overhaul of the three commerce channels that were the foundation of Orvis’ retail and adventure travel business. “We knew we had to securely encrypt the transactions flowing through the e-commerce, email and phone contact center, retail store and field point-of-sale channels to keep incoming payment and personal data safe,” says Martin. “But we also wanted to remove all the sensitive data from our internal IT systems so that in case of a breach, there would not be any customer data to expose.”