Book a Demo

Security

Destiny One is designed and implemented with security and data privacy as key priorities

Team qualification and development process

Destiny Solutions employs a team of professionals with extensive background in cybersecurity. We have full time Certified Information Systems Security Professionals (CISSP), business analysts who are trained in information security, and developers who have years of experience in creating secure software. This allows us to be full partners with our clients in creating and maintaining a secure environment for Destiny One.

The security of the software application is taken into account at the inception of every development activity and remains in the forefront through deployment including defensive programming techniques, OWASP-top 10 analysis and other security best practices.

Apply appropriate staff permissions

Destiny One implements a full and dynamic role-based permissions framework. Additionally, the system tracks and reports on every transaction and adjustment in the system with a full audit trail allowing accountability on every action and identification of user responsible for any change.

Leverage top security certifications

Destiny Solutions and the Destiny One application are PCI DSS and SOC-2 compliant. As such, strong security, authentication, and confidentiality are built into both the software and also the company processes. PCI DSS and SOC-2 are the most stringent security standards in the industry for personal information protection and e-commerce transactions. This ensures that Destiny Solutions has implemented the security required to properly handle and protect customer data.

Destiny Solutions complies with all appropriate government and industry security standards including FERPA, FIPPA, GDPR, PA-DSS, and HIPAA. Destiny One securely manages personal data as defined in Destiny Solutions standard contract as per the applicable regulations.  

Destiny Solutions is also SOC-2 compliant.

PCI compliance specifications

Using the PA-DSS-certified Destiny One software within the Destiny Solutions and Amazon PCI-DSS certified environment ensures that the application, the physical infrastructure and the management controls have all been certified to the highest level to ensure customer data protection.

Destiny One's Payment Processor Manager is PA-DSS v3.2 compliant. 

Destiny One, hosted on Amazon EC2 is PCI-DSS Service Provider Level 2 compliant. This ensures that the physical infrastructure where Destiny Solutions hosts the Destiny One solution has achieved the highest level security compliance. Destiny Solutions will continue to stay up-to-date through ongoing penetration and vulnerability testing using a third-party firm, along with yearly attestations of compliance. 

As part of an overall hosting and security architecture, Amazon Web Services (AWS) provides infrastructure equivalent to a tier-4 data center which includes mandatory physical controls and protection including power management, physical access control, fire and water detection and suppression.

Amazon EC2 has obtained many industry certifications including ISO, PCI, and SOC compliance.