GCS - Security

Highly Secure Backend

Backend represents networks, servers, databases and additional services operated by GCS and its design is crucial in establishing a secure environment. GCS backend is "N-tiered" - a technical term to denote a state of the art secure implementation, comparable to that of online banking systems. GCS backend is protected by several layers of firewalls, each separating a progressively more secure network or tier.

Data Protection

GCS is especially concerned with the protection of any sensitive consumer data and compliance with the Gramm-Leach-Bliley Act (GBLA) and Fair Debt Collection Practices Act (FDCPA) in the capacity they apply to GCS as a service provider. All data stored in the GCS database tier is secured by at least two firewalls, a set of security policies and the industry-standard encrypted transfer channels.

Secure Communication

GCS ensures that any communication with debtors containing sensitive or personal information is transferred only through encrypted channel (HTTPS) and delivered only to the properly authenticated users.

Similarly, the file upload and download between financial services clients and GCS is always protected by the industry-standard encryption. The data exchange is accomplished either through web interface, when raw data is transferred through an encrypted HTTPS channel, or via the standard e-mail, when GCS requires that files be encrypted prior to the exchange.

Identity Verification

Identitiy verification is very important when dealing with sensitive information to prevent both unauthorized access to the data and unauthorized posting or modification of the data. Clients using e-mail to upload files must include a valid digital signature before GCS will accept the files.

Intrusion detection

Servers operated by GCS are equipped with the intrusion detection systems for real-time monitoring of the attempted unauthorized access and immediate e-mail warning of GCS administrators.

Restricted Access

GCS limits access to the database and inner layers of the system to the officers of the company. No lower level employees have access to the data, virtually eliminating possibility of insider leakeage of the sensitive data.