The Heartbleed security flaw has been big news this week, and rightfully so. Potentially affecting the majority of web servers being used today, the risk is great and you should understand the impact and how you should take measure to ensure your personal information is protected. If you haven't heard of this security flaw, make sure to head over to heartbleed.com
for a thorough analysis.Let me start by saying West Coast Shaving is not affected by this vulnerability. Our servers do not use the OpenSSL service, and therefore, our servers are safe.
We recommend you review the list of popular sites on mashable.com
and take necessary actions (password changes) on affected sites. If you reuse passwords on multiple sites, it's best to change your passwords on even those unaffected.
While web security is on everyone's mind, this is a good opportunity to review how we ensure your information is safe with our store. Your security has been a top priority since the beginning of West Coast shaving. We consider security a continual improvement process and are always monitoring the state of the art to ensure your shopping experience here is worry free. Of particular importance are our shopping cart, our SSL certificate, and our processes.Shopping cart
The absolute first question we asked when reviewing shopping carts a few years ago was in regards to security and PCI compliance. PCI is the consortium of major credit card companies that establish and ensure compliance to a set of strict security guidelines and tests. Our shopping cart is PCI compliant and Level 1 PCI certified, the highest certification available. It is listed on the VISA list as an approved shopping cart. Our payment gateway and processor are, likewise, certified to the highest standards. All are continually audited and our cart undergoes periodic security scans. Finally, your credit card information is never stored on our servers. SSL Certificate
An SSL certificate is one of the key pieces of a security system on a website, allowing secure sessions between a user's computer and a web server. Think of it as the key to a lock. The more advanced the key/lock, the more secure. There are different levels of certificates, some requiring extra validation of the certificate holder. West Coast Shaving has opted to use an Extended Validation (EV) SSL which is a premium business-class security product. This is the highest level of certificate available. Not only does it entail extremely strong security encryption, it also requires the holder (us) to go through extensive confirmation of corporate identity. This certificate is the reason why you see the green bar on your browser when using a secure page on our site, such as when checking out.Our Processes
Security is affected by people, too, and we make sure our staff are vetted and well trained. We only hire people with utmost ethics. We don't write down credit card numbers (apologies if we have to ask you to repeat a number when completing a phone order). Our call center staff are located on the opposite site of the building as our B&M store to prevent snooping. We shred everything that has any kind of information, even just a name.
This Heartbleed problem has caused a lot of stress for people this week. I hope this information helps alleviate any concerns shopping with West Coast shaving. Of course, please do contact us if you have any concerns. Our staff is happy to help.