TourCMS®
Small Fish Big OceanAre you a tour operator or niche travel agent?
Come and join our travel business social network!
     Features      Prices      Sign up      Support      Community      Company      Contact us   
home > support > data security standards

Data security standards

These standards are put in place to ensure that we, on your behalf, are able to provide maximum protection to your data

Many of these standards are incorporated into TourCMS to assist with potential compliance of the PCI (Payment Card Industry) standards - a global standard for the protection of sensitive data on IT systems.

Usernames & passwords
  • Identify all users with a unique username (do not use group, shared or generic accounts & passwords)
  • Passwords must have a minimum length of at least 7 characters
  • Use passwords containing both numeric and alphabetic characters
  • Passwords must be changed every 90 days
  • Previously used passwords may not be reused
  • Limit repeated access attempts by locking out the user ID after not more than 6 attempts
Inactivity
  • If a session has been idle for more than 15 minutes, require the user to re-enter the password to reactivate the terminal
  • If a user has not logged in for more than 90 days that user account is made inactive
Credit card data
  • Do not store credit card data within TourCMS
As a reminder, this is in the TourCMS terms of service: "You agree to (a) immediately notify Travel UCD of any unauthorised use of your password or account or any other breach of security, and (b) ensure that you exit from your account at the end of each session"


Copyright © 2003-2008 Travel UCD Limited. All rights reserved.  Privacy policy
TourCMS® is a registered trademark of Travel UCD Limited, United Kingdom