ST Software Security Policy
ASP Converters Pty Ltd realises that users of St Software’s products need complete confidence that:
The ST Software suite is structured and written in such a way that it provides high level security in performance, data integrity and access control. The Company has also defined a comprehensive security policy that provides the security practices for the entire ST Software system. It consists of strict security policies for the physical, financial and electronic security of all customer data.
The policy set out below may be changed as the need arises, but any changes will be posted and flagged for your attention and will only apply to future activities and information, not retrospectively.
Due to the very nature of security, ASP Converters Pty Ltd does not provide specific details about what security tools are deployed where.
1. The system performs consistently and reliably
ASP Converter’s database platform employs innovative technology which protects data integrity and security at the software application layer. This technology allows us to offer another layer of security for our customers through the definition of the appropriate user entitlements during the ST Software set-up procedures. This extra layer of security control prevents unauthorized usage of data at every level. It also enables fine-grained control over all web applications features and functions.
ASP Converters Pty Ltd applies both active and passive security tools to its systems. An active tool is always on and inspecting for security breaks. Passive tools look at our security over time, and then make recommendations based on the compiled information. ASP Converters Pty Ltd is constantly scanning and auditing its systems for any defects in network security, in computer systems, and around your data.
ST Software security design elements
At the ST Software application level, all data entries are journalled, with the user ID and time stamp providing a full audit trail of changes to documents. This allows you to monitor data entry and, if necessary, trace who entered what and when. It provides protection against sabotage, virus and hacker attacks.
2. Information is secure and accessible only to authorised users
Secure Server and Facilities
Our data centers house the servers and systems responsible for network systems management, web content, and security services. All customer data is stored on secure servers and are kept in physically locked rooms with limited, supervised access. This physical environment is safe even in the event of a disaster; it is designed to keep the servers up and running 24 hours a day, 7 days a week. This ironclad facility is custom-designed with raised floors and HVAC temperature control systems. The facility offers a wide range of physical security features, including dual redundant power source, smoke detection and fire suppression systems and 24/7 secured access.
ST Software’s servers are protected by a firewall system. The firewall protects our web server(s) from malicious attacks through the Internet. Your data will remain securely out of reach. Internet firewalls allow the network administrator to define a centralized “ choke point” that keeps unauthorized users such as hackers, crackers, vandals, and spies out of the protected network, prohibits potentially vulnerable services from entering or leaving the protected network, and provides protection from various types of routing attacks. ASP Converters’ hosting contractor deploys monitoring hardware to monitor all traffic before and after the firewall to provide additional real-time intrusion detection to detect, report, and terminate unauthorised activity throughout a network.
ASP Converters Pty Ltd copies customer data to tape and stores it in a secure facility separate from the operations data centers. We have a backup and recovery plan that includes data spot checks, standby validation, backup and restore data verification and daily off-site data storage. In the unlikely event of a natural disaster, these data tapes can be easily recovered from computers at a separate data center.
To log into the ST Software site and access information, you are required to enter a password. This prevents someone from pretending to be you and accessing your information. Your private data is always secure and protected.
ASP Converters Pty Ltd provides the ability to assign unique user names and passwords that must be entered each time a user logs on. These safeguards help prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of Data. You are responsible for determining who will be authorising additional users to be allocated user names and passwords. You are also responsible for determining and establishing which sections of your site various users are able to view and edit. Users are responsible for maintaining the confidentiality and security of their user registration and passwords.
The data entered into your database remains your property at all times. ASP Converters Pty Ltd will not change, delete or use your data in any way, unless otherwise authorised.
ASP Converters Pty Ltd may need to have access to your database at times for maintainance purposes, at which point we will request your permission and ask you for a user name and password to allow us access. Once the maintainance is complete you will be able to remove the access privileges to ensure that your database is secure.
3. Our business is legitimate, professional and responsive to customers needs
ASP Converters Pty Ltd (ABN 99 094 955 781) is a privately held company registered with the Australian Securities and Investment Commission. Company Directors are:
Mr Nigel Leck
Ms Alison Newham
Mrs Tina Leck
ASP Converters realises that a successful business depends on:
4. Any financial transactions are processed using internationally accepted security standards
ASP Converters Pty Ltd uses a third party intermediary to manage credit card processing. This intermediary is solely a link in the distribution chain, and is not permitted to store, retain, or use the information provided, except for the sole purpose of credit card processing. Other third parties, such as content providers, may provide content on the web Site but they are not permitted to collect any information nor does ASP Converters Pty Ltd share any personally identifiable user information with these parties.
5. Your communication with us is private
If you have further questions regarding ASP Converters Pty Ltd security, please e-mail our Administration Team at email@example.com