Security & Privacy for your Organisation

As we move our IT systems out of private networks and highly secure broom cupboards; we need to ensure that security and privacy of your organisations data is maintained.

The following rules should always be adhered:

  • Any data between a member and the membership system should be sent via an encrypted channel (SSL/HTTPS).
  • Membership data sent via email should not contain personal information (such as Date of Birth, phone number, credit card information).
  • All credit card information needs to be stored in a PCI compliant manner.
  • Databases must only be accessible to authorised personnel.

Mition systems provide each organisation with their own independent SQL Database. All web communications are secured with a 4MB Encryption key (SSL/HTTPS). Infact, it is not possible to connect with your mition system using unsecure channels, we disable non-SSL communications to ensure there is no mistake.

Mition also encrypts member passwords, ensuring that no staff member can access or share such information.

Another part of a good membership system is to ensure that any public API's do not provide access to personal information.

Additional features such as dual factor authentication (via SMS/TXT message) and device registration means that should your organisation need to step up to the highest levels of security quickly, you can with a few simple settings changes.