Information Security: 5 Key Elements for Your Travel Agency
Nowadays, regardless of the industry you work in, cloud solutions are particularly popular because of their easy online access and because they don’t have to be installed on a computer. The travel industry is no exception to the rule. A simple browser and an Internet connexion is enough equipment to work remotely from home or even in a coffee shop.
But are cloud systems efficient in terms of information security?
At TravelWorks, we offer our customers (travel agencies and tour operators) a cloud management solution. To do this, we work with strategic IT service providers, experts in data and software hosting. This allows us to have our own fully secured IT infrastructure.
Here are 5 key elements we consider important to guarantee an optimal information security:
1. Install Cascading Servers
Web softwares are installed on a cloud server that performs daily back-ups of our customers’ data. Make sure, with your software provider, that their main server is installed in ‘cascade’ with other servers which can be automatically activated in the event of any defect of the main server. In other words, if server A was momentarily dysfunctional, the other servers must be active in real time to take over with subsequent servers if necessary. You want zero risk in terms of data loss!
2. Daily Attack Simulations
As part of preventive maintenance, on a daily basis, attack simulations (‘hacking’) have to be performed on servers to enable the testing of the server solidity and to know if they can stand against malicious attacks. Expert software suppliers perform these kinds of attack simulations.
3. Encrypted Data
The IT architecture offered must include tools that allow to automatically encrypt all customers’ data. This means that the data characters are replaced by other characters making the encrypted data completely unusable by anyone who would try to read or use them. Once again, expert software suppliers offer data encryption.
4. PCI Compliant
There are existing information security standards (PCI compliance) for corporations like ours that sell software in which transactions are achieved. Your software supplier must continuously comply with these standards to guarantee information security. For example, it is prohibited in our industry to keep all 16 digits of a credit card number in a database which we obviously respect.
To learn more about PCI standards, click on this link:
https://fr.pcisecuritystandards.org/minisite/env2/
5. Configurable User Access
It is important that your software grants customizable user access rights that depend on each user’s responsibility within the organization. For example, it must be possible for you as a travel agency owner to have access to all features of the system. You must be able to grant access to a travel agent for billing or to the bookkeeping to your external accountant or to some strategic reports to your manager, etc. It’s important that external agents are only granted access to view their own customers’ profiles and not those of other external agents.
In conclusion, information security is an essential element in the implementation of an accounting software for travel agencies. TravelWorks strives to take all the necessary measures thanks to its highly secured IT infrastructure, to allow its travel agency customers to work in a user-friendly solution with peace of mind.
Feel free to consult our experts for more details.