UNMATCHED SECURITY AND COMPLIANCE
THE TECHNOLOGY
etherFAX incorporates a multi-level encryption/security system known as a “defense-in-depth” approach. It is a layering tactic, conceived by the National Security Agency (NSA), as a comprehensive approach to information and electronic security. To that extent, etherFAX employs multiple layers of security also known as a “Defense in Depth” that provides its customers an even greater protection against eavesdropping or other forms of cyber-attacks. In addition, all fax transactions are processed in a secure and encrypted database utilizing the same standards. Lastly any images/content in the etherFAX system only persists for the life of the transmission and is then destroyed with all data being zeroed; ensuring etherFAX meets all regulatory compliance requirements.
We start with a secure communication channel over HTTPS that secures the “pipe” between the etherFAX client/customer and the back-end services hosted by etherFAX. Once a secure channel has been established, each customer is authenticated using his or her account, user name, and password. Lastly, the etherFAX web service model further encrypts and protects the communication on a “message level” even though the HTTPS channel is already arguably secure.etherFAX makes every attempt to NOT store any fax image data/content except for the life of the actual fax transmission. While etherFAX will maintain all call record details (fax number dialed, actual connect time, remote fax system ID, pages delivered, etc.), all fax image data is immediately destroyed upon termination of the call, whether a success or failure is detected. During the in-transit period, all fax image data resides in a temporary data store and remains encrypted preventing even etherFAX personnel from observing the contents of the fax image/content. Once the fax transmission has terminated, all fax/image content is FIPS-140 deleted and permanently removed from the etherFAX network altogether.
We start with a secure communication channel over HTTPS that secures the “pipe” between the etherFAX client/customer and the back-end services hosted by etherFAX. Once a secure channel has been established, each customer is authenticated using his or her account, user name, and password. Lastly, the etherFAX web service model further encrypts and protects the communication on a “message level” even though the HTTPS channel is already arguably secure.etherFAX makes every attempt to NOT store any fax image data/content except for the life of the actual fax transmission. While etherFAX will maintain all call record details (fax number dialed, actual connect time, remote fax system ID, pages delivered, etc.), all fax image data is immediately destroyed upon termination of the call, whether a success or failure is detected. During the in-transit period, all fax image data resides in a temporary data store and remains encrypted preventing even etherFAX personnel from observing the contents of the fax image/content. Once the fax transmission has terminated, all fax/image content is FIPS-140 deleted and permanently removed from the etherFAX network altogether.
COMPLIANCE AND CERTIFICATIONS
Data Centers
The etherFAX data-centers are hosted by Equinix ,a world class carrier grade data-center provider, in multiple geographical FEMA regions to ensure four 9's of up-time.
Security Features:
Security Features:
- 24x7x365 security
- All doors, including cages, are secured with biometric hand geometry readers
- Kinetic and key locks on closed cabinets
- Colocation and critical areas have windowless exteriors
- logsCCTV digital camera coverage of the entire center, including cages, with detailed surveillance and audit
- Bullet Resistant Protection
- CCTV integrated with access control and alarm system
- Motion detection for lighting
- Equipment check upon arrival
- Shipping and receiving area walled off from colocation areas
Need more details? Contact us
|
|