MANAGING SECURITY AND RISK

As sporting organisations rely on online management systems to run more and more of their operations, the risk to disruption to the organisation increases in the event of a security breach or systems failure.

Data breaches are being increasingly publicised in the media as organisations in all industries running outdated systems become more vulnerable to attack with increasingly dramatic consequences. The more valuable data a system contains, the more of a target it becomes to unscrupulous hackers seeking to engage in identity theft and credit card fraud.

ZEDSPORT is built by experienced software engineers with substantial experience in industry best practice to securing data and hosted in data centres that are audited under the ISO 27001 security standard. This however is not enough; new threats and attack vectors are emerging online all the time and it's critical that systems use multiple layers of security to protect data.

It’s for this reason that Sport Management Systems, the developers behind the ZEDSPORT platform see many sporting organisations running unmaintained and outdated software systems exposed online at increased risk.

To help address this, the ZEDSPORT platform is designed as a single multi-tenanted application. Imagine a single program that is updated to thwart the latest security threats for all organisations at the same time - much in the same way Facebook and Google works today.

In addition, ZEDSPORT is established on a widely adopted open source software development platform that is built around the idea that threats are constantly emerging and multiple layers of defense are essential.

The same software development platform is used by the likes of Twitter, Hulu, BBC, Bloomberg and Sony for a multitude of applications. Being open source, there are many eyes on the underlying software libraries that help drive ZEDSPORT and accordingly, vulnerabilities are quickly identified and resolved.

While credit cards remain one of the greatest targets for hackers, the ZEDSPORT platform makes a point of never directly storing them on the basis that in doing so, the platform becomes an increased target. Instead, ZEDSPORT supports a large variety of Payment Gateway options for organisations to choose from that store credit card information at financial institutions under strict PCI-DSS controls.

At a more practical level, sporting organisations using online management systems need to exercise internal control over what data their users have access to. This may be for competitive reasons, protection of the identity of minors, legal and compliance.

To address this, ZEDSPORT is built from the ground up to incorporate a sophisticated Role Based Access Control system that makes it straightforward to assign access to different administrative users in your organisation under the least privileges they require to effectively fulfil their role.

Access to sensitive administrative functions require users to use two-factor authentication ensuring that in addition to a user knowing a password, they have in their position a physical means for identifying them on the system in the form of an SMS token.

All access to the system is logged and auditable by authorised administrators providing maximum accountability and non-repudiation.

Lastly, Sport Management Systems is 100% Australian. This insures that all data sovereignty and ALL information is stored and subject to the laws of Australia. All our servers and services are based and owned LOCALLY.