About EntryCentral - Security

Users frequently ask how we secure their data, and we welcome such requests. We collect your data according to our Privacy Policy. We can share some high-level details of the security measures we have in place, without giving hackers enough information to use against us.

Dedicated Servers

Servers we use may only be accessed by EntryCentral staff. No other users share our severs with e.g. other websites or databases

Amazon WAF

AWS WAF is a web application firewall that helps protect web applications and APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources

Firewall

Our servers only accept https connections from Amazon WAF servers. Users cannot avoid routing through Amazon WAF.

Penetration Testing

We use website security company Probely to independently scan our systems for any code vulnerabilities.

Storage of incomplete card details

Your payment card number goes straight to Stripe without touching our servers. Stripe give us a reference to your payment (should you be eligible for a refund later), the card type and the last 4 digits (so that you have clues about which card you used for a payment) - but we do not store enough detail about your card for anyone to take a payment from it. There is no need for us to store your card details, so we don't do it.

Encryption

Your personal details are encrypted both at rest (in the database) and in transit (https/tls)