End to end encryption of all data transmitted (SSL)
Separation of machines housing critical data from machines running front end applications
Strict access controls to each data piece defined by both Penny and the client
An audit system which records each transaction built into the core of the product
Physical restriction to machines is only allowed by authorized vendor, not even Penny employees can physically access them
Code deployment which keeps all software up to date with the latest security patches
Data is encrypted at rest using industry standard AES-256 encryption algorithm
Day Dream Technologies Inc. relies heavily on Amazon Web Services (http://aws.amazon.com) for most of our infrastructure. Other companies which utilize this infrastructure include FDA, Netflix, Adobe, Suncorp, Dow Jones.
We rely on a Software as a Service (SaaS) model. This means we have one centralized location for our application and can keep critical applications up to date with the latest security measures, greatly reducing the amount of time required to deploy security patches (compare to traditional on-premise solutions).