Is the Bob Books website secure?
Bob Books takes it's user security very seriously. Please find below details of our security measures.
Bookshop orders: Bookshop order the payment details are taken on through an independent payment provider under their secure domain. We do not store any sort of card or payment details.
Customer’s images and order files: Images get sent to our server under a secure ftp connection. The order files are only ever in a location accessible by the server never by a web address. The order files are process then sent to Amazon S3 for long term storage, these are then only accessible with your username and password.The only files accessible by a browser are the bookshop image files. These are stored under a unique name that is random generated and associated with the book.
Log In: Our entire website is hosted on a secure server as denoted by the https you'll see at the start of our url. Your information is safe once logged on as it is stored behind the security layers we have on the server. Also the password is not stored by us but a hashed version of it, so it cannot be downloaded by anyone, not even us.
Hosting environment: The operating system on the web servers is set to automatically install security updates. This means that by the time the security alert appears on the main stream news our servers are already patched and protected. Our site is hosted in the Amazon web services environment on the cloud all of the security features listed here are applicable http://aws.amazon.com/security/ Furthermore we are currently in the process of installing a UTM (unified threat management system) that will analyse inbound traffic for things like SQL injection, port scanning, cross site scripting etc.