 |
Physical, Network and Legal Security |
|
 |
Intrinsic Data Security |
|
a. |
Client-segregated Software and Data |
|
Client data is segregated by client database keys built into every database query and piece of application software. Each client's differently-configured application software is segregated into its own client-specific directory structure. Software for venues open to the public do not include code for access to private business information about inventory items. |
|
b. |
One-way Encrypted Passwords |
|
Passwords for log-in controlled venues have complexity requirements of 6 character-minimum, with minimum one-letter and minimum one-number and are fully encrypted in the Dynaprice database. Client venue administrators control permissions and access codes for authorized users, but neither they nor Dynaprice (or Datapipe) staff can obtain stored passwords, which users may easily change as often as desired. (Administrators may issue new passwords for user support, but cannot obtain passwords in storage.) |
|
c. |
Pseudo-encryption of Business Data |
|
Inventory item data is pseudo-encrypted by storage in tables whose field values vary by client and product type. Any hacker seeking to interpret this data would require a full set of compiled Dynaprice software programs for all clients to disentangle this variably data-fielded item database.
|
 |
