Our Approach


Security


Our client's trust is a privilege and a responsibility that is our first priority, every day. Here are some of the technologies and practices we've put in place to protect your identity and your financial information:


  • PCI Compliance

    All of the ARM Insight, Inc. hosting facilities hold a PCI DSS Level 1 compliance assessment certificate. All hosting facilities where sensitive data is stored is carefully picked to ensure PCI DSS compliance. We hold ourselves to high security standards maintaining industry best practices when trasmitting, tracking and store card data.

  • SAS 70 Audited

    All of the ARM Insight, Inc. hosting facilities perform an annual SAS 70 Type II audit to ensure data safety and security. When dealing with client and consumer data we hold ourselves and our partners to the highest industry standards.


  • 128-bit SSL Encryption

    ARM uses the same 128-bit encryption technology that banks use to secure all transfer of sensetive data both card and personal. We've partnered with the leading provider of online banking services to major banks and the leading payment processing providers, to ensure a secure connection to your personal financial information.

  • Security Scans

    Finally, ARM has received the Verisign security seal certification, while undergoing a comprehensive security scan by McAfee on a daily basis. These scans test and log vulnerabilities in firewalls, encryptions, intrusions, viruses, attempted hacks etc.


Secure Infrastructure Diagram

The ARM platform software and servers are located within highly secure facilities owned and operated by Hosting.com. Hosting.com is both SAS 70 Type II and PCI Level 1 compliant. In addition, any sensitive or confidential data (between our solution, customers, and partners) is processed through encrypted VPN or SSL protocols. Our IT Data Controls are based upon 3 key principles (see diagram below):

  • Our data center (Hosting.com) is PCI Level 1 and SAS 70 Type II Compliant
  • Our data aggregation layer is PCI Level 1 compliant
  • All Data transmissions and pipes are secure via SSL protocols or secured, dedicated VPNs.