Select Topic:   HomeHelpPublicationsFree TrialDownloadRegisterPurchaseSupportContact Us
Publications
Publications
Travel Industry
Getting Started
Documents
Agency Issues
Computer Education
Reservations
Groups
Clients
Marketing
Financial
Agents
Inventory
Resources
System Information

























Protecting Customer Data

Data security breach notification laws require organizations that store private consumer data to notify individuals when their information is put at risk by a data security breach. In 2003, there was only one data security breach disclosure law: California SB 1386. However, following high-profile data security breaches in 2005 at ChoicePoint and CardSystems, many other states used California SB 1386 as a model for developing their own data security breach disclosure laws. Today, nearly 40 states in the country have passed data security breach disclosure laws, each with their own distinct notification requirements. As a result, many organizations are struggling to determine exactly when and in which states they must disclose a data security breach to affected individuals.





With regard to travel agency data, it just so happens that this type of data is the most coveted form of personal data to steal because often, the data contains not only the customers credit card numbers, but also their passport numbers, drivers license numbers, etc. In fact, this "full picture" data is the "rosetta stone" of data theft because it allows the thieves to sell identities; the most sought after black market commodity.

And so, the best way to stay in compliance with the myriad of data security breach laws is not to have a customer data breach (customer data stolen) in the first place. CruisePak's design facilitates you in preventing a data breach through the following means.

CruisePak Stores Your Customer Data On YOUR Computer

CruisePak stores your customer data in a database which resides on your computer (or local area network). The Customer Sensitive Data is encrypted internally and thus alleviates you from the customer notification requirements if for some odd chance, you did lose the data such as would be the case if your computer was stolen.

Note that if you are using or evaluating an internet based customer relationship management program like CruisePak, you should know that your data will be stored on a publicly accessible web server.

The problem doesn't lie so much as to where the data is stored. Rather, the problem lies with who has access to the public web server.

Technically speaking, data thefts are actually simple file copy operations; much like you do when you copy a word document from one folder to another. An improperly vetted contractor or employee who does work on that public web server could copy your data (and other users of that same web based application) in a blink of an eye thus causing a data security breach.

Note too that even if the data is stored in encrypted format on the public web server, the encryption keys that decipher your customer data are stored on the public web server too. If the thief can get your names, they can easily get the keys as well.

CruisePak Data Storage Location Allows You To Implement Windows Login Security

Because CruisePak stores the data locally on your PC, you should enable Windows Login Security to avoid unauthorized access to your computer. That means that everytime you start your computer, Windows will ask you for a password. And, if the password doesn't match, access to the computer is denied.

CruisePak Data Storage Location Allows You To Take Advantage Of Your Firewall And Virus Protection

Enabling a Windows Firewall stops hackers from accessing your computer from the internet. Virus protection and Spyware protection stop malicious computer programs from being installed on your computer. Remember, the customer data is stored on your computer. Thus, you need to lock your computer down.

CruisePak Security Features Further Protect From Unauthorized Access

Enabling CruisePak security requires one to provide a user id and password authentication scheme every time the CruisePak program starts. That way, even if access to your computer is gained, access to your customer data has to go through one more security barrier.

Drawback: Accessing CruisePak Via The Internet Requires Additional Software Technology

One of the big features of an internet based web application is the ease of access. Wherever there is an internet connection, one can access the web based application which stores your data on the publicly accessible webserver.

With CruisePak, you have to do a bit more. To access CruisePak remotely, you have to install remote control computer software (such as GotoMyPC.com). Or, if you are a bigger agency, install and run the CruisePak Connector to provide access to your customer data via the internet, custom agent application, cell phone, remote device, etc.

We know that this is a pain, but just like the new security procedures at airports which result in standing in line for two hours, to use CruisePak remotely, there are pains associated with ultimate data security.

Concluding

Customer data loss is prevalent in todays business environment. Protect your customer data by keeping it where you can see it and don't let it out of your site. Implementing CruisePak keeps you out of the full disclosure business.
Copyright 2010 pfsSoftware, All Rights Reserved.
Privacy Statement   Advertise