Safe and Secure Shopping

When you are shopping securely online, you’ll see a tiny gold or green padlock in your address bar right next to the address, which now reads “HTTPS” instead of “HTTP.” The “S” stands for “secure”: you have been transferred to a secure line to prevent hacking and identity theft, among other information-gathering techniques such as key-logging and screen-mirroring software. These identifying marks reassure our customers that their orders are safe and secure. We also use PayPal credit card processing services, which guarantee your safety. All Starfire Direct web pages are encrypted for your safety.

Your digital security is a top priority for Starfire Direct. As such, we use a top-rated third-party hosting service for our managed dedicated servers, one that offers the professional security our customers have come to expect in this day and age. Continue reading to learn more about the security in place:

Physical Security

SSAE 16 Certified Facilities - Our server facilities are externally audited for compliance with SSAE 16, which confirms that they meet the strictest standards of security. The standard covers all aspects of data center management, including "processes, policies, procedures, personnel, and operational activities".

Complete Audit Trail - Comprehensive records are kept of who has access to the data we handle and when they access it. All work on our servers and networks is carefully logged, and access is granted only to our hosting provider's stringently vetted and security-trained system administrators.

Round-The-Clock Security Monitoring - Each of our hosting provider's six global facilities has stringent physical access controls, with active security patrols, constant camera surveillance, and biometric identity verification for access to the data center floor. As a PCI-DSS-compliant hosting company, they maintain the highest standards of control over physical access to our equipment.

Network Security

Firewalls - Our dedicated server hosting plan includes the Advanced Policy Firewall (APF), a stateful, iptables-based software firewall, to protect our networks from outside intrusion. Enterprise hosting plans include hardware firewalls. We also utilize mod_security, a software-based web application firewall, on every server for an additional layer of protection for hosted applications.

Hardware Asset Management - Our hosting provider carries out comprehensive security configuration of all routers, switches, and servers on our networks.

DDoS Protection - We utilize the Arbor Networks Peakflow platform to provide additional protection against denial of service attacks on our infrastructure.

Regular Security Testing - We regularly subject our networks to external and internal penetration testing in order to verify network and server integrity.

Server Security

Secure Isolated Platform Servers - Our servers are security hardened and comply fully with PCI-DSS information security standards.

Ksplice Uptrack - Ksplice Uptrack allows us to apply kernel patches to running systems, so we can immediately patch our server operating systems without service interruptions.

Real-Time Monitoring - Our servers are constantly monitored for threat indications or breaches, so that we can immediately react to any potential vulnerability to client data security.

Bespoke Server Security Configuration - All of our servers are individually configured to offer the most secure environment for the application they serve. We only run services essential to our applications to reduce the potential vulnerability surface area.

OS Security Management - We proactively patch and upgrade all of our managed servers. When a vulnerability becomes known, we will immediately apply patches or implement solutions to protect our clients when possible.

Application Security

Backup - Data security is about more than just secure systems and servers. Without comprehensive regular backups, data and client business continuity are threatened. We do daily backups.

SSL Certificates - SSL is essential to keeping user and client information secure as it traverses the Internet. Our site uses an SSL Certificate and complies with all legal requirements.