The TokenEx Secure Data Vaults are the encrypted databases where your PANs and tokens are stored. Access to each vault is strictly controlled by combinations of TokenEx IDs, Encryption Keys, IP Whitelist entries, and other security measures.
The question arises, if a sophisticated financial institution can get hacked, how are the TokenEx Cloud Data Vaults made secure? The key—literally—is access control. The IT systems of financial and insurance organizations are populated with access points (PCs) that are used by employees for normal business—email, research, word processing, and customer service. Employees can make common security mistakes—viewing an attachment in a cleverly disguised email from a “client” for example. As a result, a virus is unleashed, malware installed, key loggers activated, and communications are compromised.
In the work environment of the TokenEx Cloud Security Platform, there are no superfluous access points. Network communications are encrypted at all times. Client access to vault monitoring is through state-of-the art two-factor authentication. Firewalls are always active and IP whitelisting keeps unauthorized traffic from ever entering the data center network. There are no PCs that can be infected from external Internet sources. The personnel managing the data center are all trained security experts. It’s an environment designed solely for high-performance security ops and nothing else. The list of security certificates and testing results are long and complete, and always available for your scrutiny should you desire.