Peninsula Visa Security

Thousands of individuals and organizations trust Peninsula Visa Inc. with their travel information online and off. This is not something we take lightly. In order to ensure the protection of our clients data we combine the most stringent security features in our applications, systems and networks. Thus giving our clients peace of mind that their information and interactions are secure and protected.


Data center & network security

Physical Security

On-Site Security


Armor Defense Inc.’s data center facilities feature a secured perimeter with multi-level security zones, 24/7 manned security, CCTV video surveillance, multi factor identification with biometric access control, physical locks and security breach alarms.

Peninsula Visa Inc. has partnered with Armor Defense Inc. for the secure hosting of our clients data. Armor Defense Inc.’s servers are hosted at Tier III, SSAE-16 SOC 2 and PCI DSS compliant facilities. Our cage space within Armor Defense Inc.’s data center is located in the US and logically separated from other data center customers. The co-location facilities are powered by redundant power, each with back up generators.



Peninsula Visa Inc. utilizes Armor Defense Inc.’s US based data centers.

All systems are constantly monitored by Armor Defense Inc.

Network Vulnerability Scanning

Network security scanning gives us deep insight for quick identification of out-of-compliance or potentially vulnerable systems.

Network Security


Dedicated Security Team

Our network is protected by redundant layer 7 firewalls, best-in-class router technology, secure HTTPS transport over public networks, regular audits, and network intrusion detection/prevention technologies (IDS/IPS) that monitor and block malicious traffic and network attacks.

Our Security Team is on call 24/7 to respond to security alerts and events.


Armor designed its ISM based on the concept of defense in depth with its primary purpose being to provide the best possible security and risk mitigation for customers transacting sensitive information over the Internet. The ISM currently includes three primary layers: perimeter, host and access. These layers are integrated and designed to support and augment each other; allowing Armor’s SecOps team to provide a comprehensive managed security solution to its customers.

Security Incident Event Management (SIEM)

A security incident event management (SIEM) system gathers extensive logs from important network devices and hosts systems. The SIEM creates triggers that notify the Security team based on correlated events. The Security team responds to these events.

Intrusion Detection and Prevention

Major application data flow ingress and egress points are monitored with Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS). The systems are configured to generate alerts when incidents and values exceed predetermined thresholds and uses regularly updated signatures based on new threats. This includes 24/7 system monitoring.

DDoS Mitigation

Armor deploys redundant, multi-stage DoS/DDoS mitigation systems within its infrastructure that provide early detection and mitigation for these types of attacks. The current tools in place include Packetdam and Arbor appliances. Thresholds are set in Packetdam that automatically trigger blackholing of DoS traffic in excess of 1Gbps and alert our NetOps team to the issue.

Logical Access

Access to the Peninsula Visa Inc. Production Network is restricted by an explicit need-to-know basis, utilizes least privilege, is frequently audited and monitored, and is controlled by our Operations Team. Employees accessing the Peninsula Visa Inc. Production Network are required to use multiple factors of authentication.

Security Incident Response

In case of a system alert, events are escalated to our 24/7 teams providing Operations, Network Engineering, and Security coverage. Employees are trained on security incident response processes, including communication channels and escalation paths.


Encryption at Rest

Encryption in Transit

Peninsula Visa Inc. supports encryption of customer data at rest.

Communications between you and Peninsula Visa Inc. servers are encrypted via industry best-practices HTTPS and Transport Layer Security (TLS).

Secure Credential Storage

Peninsula Visa Inc. follows secure credential storage best practices by never storing passwords in human readable format, and only as the result of a secure, salted, one-way hash.

Application security

Secure Development

Separate Environments


We utilize separate environments to develop, test each module exhaustively before migrating to our production environment.

Our QA department reviews and tests our code base to identify, test and triage security vulnerabilities in code.

Configurable Password Policy

Peninsula Visa Inc. provides only one level of password security: high. Peninsula Visa Inc. allows you to set high password security level through our company Portal.

Additional secuirty methodologies

Employee Vetting

Confidentiality Agreements

Background Checks

All new hires are screened through the hiring process and required to sign Non-Disclosure and Confidentiality agreements.

Peninsula Visa Inc. performs background checks on all new employees in accordance with local laws. These checks are also required to be completed for contractors. The background check includes criminal and employment verification. 

©1975 - 2019 Peninsula Visa, Inc. is a private expeditor of visas and passports.