Security

See mition's latest security information here


As we move to the cloud we need to ensure that security and privacy of your organisations data is maintained.

The following rules should always be adhered:

  • Any data between a member and the membership system should be sent via an encrypted channel (SSL/HTTPS).
  • Membership data sent via email should not contain personal information (such as Date of Birth, phone number, credit card information).
  • All credit card information needs to be stored in a PCI compliant manner.
  • Databases must only be accessible to authorised personnel.

Mition systems provide each organisation with their own independent SQL Database. All web communications are secured with a 4MB Encryption key (SSL/HTTPS). Infact, it is not possible to connect with your mition system using unsecure channels, we disable non-SSL communications to ensure there is no mistake.

Mition also encrypts member passwords, ensuring that no staff member can access or share such information.

Another part of a good membership system is to ensure that any public API's do not provide access to personal information.

Additional features such as complex passwords and dual factor authentication (via SMS/TXT message) and device registration means that should your organisation need to step up to the highest levels of security quickly, you can with a few simple settings changes.