For organizations with payment and document processing operations, the daily headlines about hacking and data breaches can be a nightmare. And in many cases, HIPAA requirements, PCI requirements and stringent internal data protection policies can all prove challenging for processing center managers.
To help meet these challenges, a Mavro system can automatically encrypt all confidential site data, including batch data, images, and vital system databases. This keeps vital site data protected – even if an adversary steals access to the data, he or she will not be able to decipher or read it.
Encryption is performed using industry standard AES (Advanced Encryption Standard) with either 128 or 256 bit keys. All encryption algorithms are approved for use by the National Institute of Standards and Technology as part of the Federal Information Processing Standard, FIPS 140-2.
In addition to encrypting data, MavBridge also verifies the complete integrity of every piece of data stored. This means that if an attacker modifies even a single bit of data in an encrypted file, MavBridge™ will detect the corruption, and will refuse to decrypt the data. This helps improve overall security by preventing an adversary from feeding “corrupted” data to the system.
Mavro is unique in that ALL DATA – data in process, standing data, and data archived in the web portal– is encrypted as a part of our solution.
- When encryption is coupled with Mavro’s flexible redaction features, even HIPAA, PCI, or strict internal security compliance requirements are met or exceeded.
- PBKDF2 hashing provides very strong protection against brute-force passphrase attacks.
- Full data integrity checking immediately alerts you if even one bit of data in a file has been modified by an attack.
- All batch data and images, archive data and images, and Mavro system databases that include sensitive data are encrypted, so even if your system is breached, your data is protected.
- The software utilizes AES encryption and a FIPS 140-2 certified encryption engine and algorithms that are well known and respected in the industry.
- Enhanced system logs track access to all system functionality, so you always know who accessed your data.