Security

The MerchantLinQ Platform Security Overview

Built with confidence on the Microsoft Azure cloud platform…

 

LoanStar has built the MerchantLinQ platform to the highest security standards and it is hosted in the industry trusted Microsoft Azure data center.

Microsoft has leveraged its decades-long experience building enterprise software and running some of the world’s largest online services to create a robust set of security technologies and practices. These help ensure that Azure infrastructure is resilient to attack, safeguards user access to the Azure environment, and helps keep customer data secure through encrypted communications as well as threat management and mitigation practices, including regular penetration testing.

Managing and controlling identity and user access to your environments, data, and applications by federating user identities to Azure Active Directory and enabling multi-factor authentication for more secure sign-in.

Encrypting communications and operation processes. For data in transit, Azure uses industry-standard transport protocols between user devices and Microsoft datacenters, and within datacenters themselves. For data at rest, Azure offers a wide range of encryption capabilities up to AES-256, giving you the flexibility to choose the solution that best meets your needs.

Securing networks. Azure provides the infrastructure necessary to securely connect virtual machines to one another and to connect on-premises datacenters with Azure VMs. Azure blocks unauthorized traffic to and within Microsoft datacenters, using a variety of technologies. Azure Virtual Network extends your on-premises network to the cloud through site-to-site VPN.

Managing threats. To protect against online threats, Azure offers Microsoft Antimalware for cloud services and virtual machines. Microsoft also employs intrusion detection, denial-of-service (DDoS) attack prevention, regular penetration testing, and data analytics and machine learning tools to help mitigate threats to the Azure platform.

 

Microsoft understands that for banks to leverage products, deployed on cloud services, you entrust us with your most valuable asset—your data. You trust that its privacy will be protected and that it will be used only in a way that is consistent with your expectations.

For almost 20 years, Microsoft has been a leader in creating online solutions designed to protect the privacy of our customers, and today the Microsoft Cloud infrastructure supports over a billion customers around the globe.

To demonstrate that Microsoft Cloud controls deliver compliance that you can rely on, our enterprise cloud services are independently validated through certifications and attestations, as well as third-party audits.

In-scope services within the Microsoft Cloud meet key international and industry-specific compliance standards, such as ISO/IEC 27001 and ISO/IEC 27018, FedRAMP, and SOC 1 and SOC 2. They also meet regional and country-specific standards and contractual commitments, including the EU Model Clauses, UK G-Cloud, Singapore MTCS, and Australia CCSL (IRAP). In addition, rigorous third-party audits, such as by the British Standards Institution and Deloitte, validate the adherence of our cloud services to the strict requirements these standards mandate.

 

MerchantLinQ built on the Microsoft Cloud is built on the premise that for you to control your customer data in the cloud, you need to understand as much as possible about how that data is handled. You must know, through clearly stated and readily available policies and procedures, where your customer data is stored and how we help secure it, as well as who can access it and under what circumstances. And you don’t have to take our word for it: you can review a wide range of evidence, including third-party audit reports and certifications, to verify that we meet the standards we set.