Last Updated: April 24, 2020
At Navisteps, we believe there is no compromise for data security. As an enterprise technology company the security of our users is paramount, with compliance processes and controls in place to protect information from unauthorized access.
By default, Navisteps encrypts data at rest and data in transit for all of our customers.
All credentials, secrets and sensitive internal data are encrypted and manipulated through AWS Secrets Manager which stores secrets securely with fine-grained access policies.
Continuous threat detection and protection for your data using Cloudflare to monitor for malicious activity and unauthorized behavior.
Communications are established using 256-bit TLS encryption.
Hosted on Amazon Web Services (AWS) with a network architected to protect your information, identities, and devices.
Complete operational audit log with full tracking for actions taken by users to ensure access is compliant.
All Card Payments comply with Payment Card Industry Data Security Standard (PCI DSS), and all payment instrument processing is outsourced to First Data Corporation. We use tokenization, where sensitive data is replaced with a unique identifier called a ‘token’, thus allowing your payment to be processed securely.