Point Of Sale Cybersecurity

MyVenue uses leading security tools and compliance framework practices to ensure all customer data is securely protected.

Expert Oversight

MyVenue’s IT Risk Management Committee provides governance across all security strategies. This team consists of MyVenue’s in-house Risk Specialist, an external independent cybersecurity agency, and the MyVenue board.

In addition to implementing robust cybersecurity initiatives, these cybersecurity stakeholders oversee the routine performance of penetration and vulnerability testing, ensuring cybersecurity best practices are maintained within the MyVenue environment.

SaaS Multi-tenant Client-server Application

The MyVenue solution is hosted on AWS's Well-Architected framework to bolster our security posture. Within this framework, all venue customers receive their own tenant that encrypts & logically separates all data, and isn’t accessible to other tenants to actively prevent unauthorized access to data.

SOC 2 logo

Systems and Organizational Controls (SOC) 2

MMyVenue is SOC 2 Type II accredited. As the industry-gold standard in data protection systems and processes, this certifies MyVenue’s ability to securely manage customer data to a universally accepted standard. This gives MyVenue system users complete peace of mind that their sensitive data is protected with a world-class robust security posture.

The report, conducted by certified independent auditors Prescient Assurance, examined and endorsed all MyVenue:

Security policiesNetwork connectivity proceduresFirewall configurationsSoftware development life cycle processesData transmission & backupsDisaster recovery measures
Pci dss logo

Payment Card Industry Data Security Standard (PCI-DSS)

MyVenue is PCI-DSS accredited, and supported by a robust architecture that is designed to protect cardholder data. Processes and measures implemented include:

Full encryption of all data (in transit, at rest)Segregating cardholder data from other system dataRegular independent security auditsRoutine software updates to enhance the system’s security postureIn-built protection & monitoring technologies

Ultimately, this means payment processing remains secure, smooth, and fast at all times.

Cloud Infrastructure

The MyVenue platform is underpinned by leading tools, processes, and measures:

  1. Hosted in Amazon Web Services
  2. Cybersecurity provided by Cloudflare to protect against automated bots, scanning, and intentional malicious use
  3. Datadog to monitor system health status and notify of potential issues
  4. Data transmission is secured using TLS 1.2+, PKCS #1 SHA-256 with RSA Encryption
  5. All data at rest is encrypted using AES-256 encryption
  6. Data backups stored in multiple locations on the AWS framework at regular intervals
  7. Built-in disaster avoidance to ensure continued system operation
  8. Rapid scaling to cater for game day and other high-traffic periods
  9. Data can be exported upon request for "right to be forgotten"
  10. Change monitoring with all access & change logs across the entire platform
  11. Disaster recovery systems tested monthly
  12. System automation to minimize human error
  13. 24/7/365 real-time security & performance monitoring controls managed internally and supported externally by an AWS-approved alert & monitoring services provider