We can all agree that security is of the utmost importance when it comes to you and your members' sensitive data. RainMaker has some tips and tricks for you to make sure data is always secure. 

First is the user's own policies and procedures.  

Recommendations:

-Don’t allow shared logins.

-Maintain proper permissions for users.

-Do not store passwords in browser for autofill.

-Use strong passwords that are modified every 90 days.

-Never store credit card numbers through insecure methods ( **example: NEVER write a credit card number in a piece of paper or store unencrypted through an application such as excel or word).

-Do not share or surface API keys to allow access to system.

-Do not download free browser extensions without proper vetting and testing. These type of devices can allow open access via your web browser.

-Ensure your merchant side PCI compliance standards and procedures.

Next:

-Use web applications that use military grade encryption of sensitive data submitted.

-Use HTTPS whenever possible

-Financial data processed should be handled using PCI standards and procedures set for web applications and devices.

-Irreversible tokenization is the ultimate form of card data security at this point in time.