Data security is literally our job. Yet day after day, there’s news of another breach affecting companies of all sizes all over the world. These stories highlight the vulnerabilities, lack of preparedness, and absence of strategy on their watch. That’s not the Tixr way.
As cybersecurity threats emerge and evolve in ever-more sophisticated ways, so should our practices. Data security is under a microscope, and we owe it to our community to be transparent about what we’re doing to ensure we don’t become a headline. We also hope to inspire you to make data protection a priority in your business.
Every Tixr staff member is required to follow these common-sense practices on-the-regular:
To instill the importance of data security, every new hire reads — and agrees to abide by — our Tixr Data Protection Guide. We wrote it in the simplest of terms so technical and non-technical employees understand three key things: 1) what hackers are, 2) how they get into our devices and accounts, and 3) how to best protect your devices, your information, and yourself.
Not only do we revisit our guide annually, at minimum, but our staff gets reminded to run regular checks to ensure we're obeying our own rules. Everyone at Tixr should know what it really takes to protect company (as well as personal) data today, and everyday. If something’s too hard or complicated, it won’t get adopted.
We’re incredibly selective about who we partner with at Tixr, opting for proven industry-leaders such as Amazon Web Services and Stripe as our backbones for cloud computing and payment processing. We don’tsacrifice on quality under the hood. Any partner that touches our tech stack and provides business services needs to be in scope for SOC 2 compliance so our own certification isn’t jeopardized.
We’ve built our business on designing simple solutions to highly complex problems, and we obsess over the little things not out of a sense of duty, but a deep sense of service. To that end, our highly secure interface is completely PCI compliant for credit card processing, Gaming Control Boardcompliant to do business with Nevada, New Jersey, and Massachusetts casinos, and well on the path towards becoming SOC 2 certified.
We’re also GDPR compliant with a variety of safeguards to protect the security of our platform, including encrypting web connections to protect data transmissions, replicating our databases to support reliability of the platform, and controlling access to our facilities and office network. Tixr data is encrypted in transit (advanced TLS protocols and 2,048-bit keys or better) and at rest (using AES 256 encryption with integrity).
Our job doesn’t end here…
To truly transform the ticket-buying experience, we’re innovating, iterating upon, and optimizing the Tixr platform day in and day out. With a robust internal QA team and process, we’re able to build fast and react fast, and you can help keep Tixr secure. If you encounter any bugs or flaws, we want you to notify us. In fact, we encourage it. Contact firstname.lastname@example.org.