Overview... 2. Servers and Infrastructure... 2. Communication channels... 3. Peer-to-Peer connections... 3. Data Compression and Encryption...



Similar documents
BeamYourScreen Security

MIKOGO SECURITY DOCUMENT

Security Policy Revision Date: 23 April 2009

BMC s Security Strategy for ITSM in the SaaS Environment

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

WICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise

introducing The BlackBerry Collaboration Service

WISHIN Pulse Statement on Privacy, Security and HIPAA Compliance

CHIS, Inc. Privacy General Guidelines

How Managed File Transfer Addresses HIPAA Requirements for ephi

WHITE PAPER. HIPAA-Compliant Data Backup and Disaster Recovery

Security Overview Introduction Application Firewall Compatibility

WHITE PAPER. Managed File Transfer: When Data Loss Prevention Is Not Enough Moving Beyond Stopping Leaks and Protecting

Cisco QuickVPN Installation Tips for Windows Operating Systems

Blaze Vault Online Backup. Whitepaper Data Security

WebEx Security Overview Security Documentation

Cyber-Ark Software and the PCI Data Security Standard

Vendor Questionnaire

HIPAA Security Matrix

MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE

DataTrust Backup Software. Whitepaper Data Security. Version 6.8

The Secure WebEx Meeting Experience

Is your data safe out there? -A white Paper on Online Security

HIPAA Privacy & Security White Paper

RSS Cloud Solution COMMON QUESTIONS

Evaluate the Usability of Security Audits in Electronic Commerce

Security. TestOut Modules

Ahsay Online Backup. Whitepaper Data Security

What is an SSL Certificate?

Virtual Private Networks

Copyright Telerad Tech RADSpa. HIPAA Compliance

Security Whitepaper. NetTec NSI Philosophy. Best Practices

ShareFile Security Overview

Technical papers Virtual private networks

Complying with PCI Data Security

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery

Data Superhero Online Backup Whitepaper Data Security

Enterprise level security, the Huddle way.

Live Guide System Architecture and Security TECHNICAL ARTICLE

White Paper: Librestream Security Overview

Security Considerations

Healthcare Compliance Solutions

Network Security. Marcus Bendtsen Institutionen för Datavetenskap (IDA) Avdelningen för Databas- och Informationsteknik (ADIT)

Accellion Security FAQ

Hosted File Backup for business. Keep your data safe with our cloud backup service

Table of Contents. 1 Overview 1-1 Introduction 1-1 Product Design 1-1 Appearance 1-2

Chapter 10. Cloud Security Mechanisms

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Security & Infra-Structure Overview

Software Engineering 4C03 Research Project. An Overview of Secure Transmission on the World Wide Web. Sean MacDonald

eztechdirect Backup Service Features

Electronic Service Agent TM. Network and Transmission Security And Information Privacy

FileCloud Security FAQ

You re FREE Guide SSL. (Secure Sockets Layer) webvisions

2003, Rainbow Technologies, Inc.

Leveraging Dedicated Servers and Dedicated Private Cloud for HIPAA Security and Compliance

Five Ways to Improve Electronic Patient Record Handling for HIPAA/HITECH with Managed File Transfer

HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE

HIPAA-compliant Cloud Faxing

Privacy + Security + Integrity

Using BroadSAFE TM Technology 07/18/05

Security IIS Service Lesson 6

Cornerstones of Security

Spreed Keeps Online Meetings Secure. Online meeting controls and security mechanism.

ION Networks. White Paper

NWIMS. Online Backup Security Documentation

HTTP connections can use transport-layer security (SSL or its successor, TLS) to provide data integrity

Hosted File Back-up for business. Keep your data safe with our cloud back-up service

Securing an IP SAN. Application Brief

Security Policy JUNE 1, SalesNOW. Security Policy v v

Credit Card Security

HIPAA COMPLIANCE AND DATA PROTECTION Page 1

Small Business IT Risk Assessment

Quidway SVN3000 Security Access Gateway

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Secure Frequently Asked Questions

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Controlling SSL Decryption. Overview. SSL Variability. Tech Note

AD RMS Microsoft Federation Gateway Support Installation and Configuration Guide... 3 About this guide... 3

DRAFT Standard Statement Encryption

Steelcape Product Overview and Functional Description

PRIVACY, SECURITY AND THE VOLLY SERVICE

October P Xerox App Studio. Information Assurance Disclosure. Version 2.0

Chapter 12. Security Policy Life Cycle. Network Security 8/19/2010. Network Security

Transcription:

Data security is a high priority at Brosix, enabling us to continue achieving the goal of providing efficient and secure online realtime communication services.

Table of Contents Overview... 2 Servers and Infrastructure... 2 Communication channels... 3 Peer-to-Peer connections... 3 Data Compression and Encryption... 3 Website SSL Encryption... 3 Applications... 3 Application security... 3 End Users Authenticity... 4 Brosix Staff... 4 SAS-70, HIPAA, SSAE 16, HITECH... 4 Conclusion... 4 1 P a g e

Overview Brosix provides a secure communication tool to businesses and thus help them improve their productivity. By using Brosix our customers are sure their data is protected and not exposed allowing them to focus on their business. Brosix customers are spread all around the world. They use Brosix products for sales, marketing, training, project management, customer support, collaboration etc. Some of them are subject to regulations like SAS-70, HIPAA and using Brosix they have to meet regulation requirements. Brosix ensures that its services meet the most stringent corporate security requirements. Brosix assigns data security the highest priority in the design, deployment and maintenance of its network, platform and services. The purpose of this document is to provide information on the data security features and functions that are available in Brosix and inherent in the underlying communication infrastructure. We discuss the following items in this document: servers, communication channels, applications, end users, brosix staff, firewall compatibility, content security, user interface security, and infrastructure security. Servers and Infrastructure Brosix maintains a distributed network of high-speed IM servers. The high-performance servers are located in state of the art secured data centers that meet high security requirements standards. No customer data is stored on Brosix servers. You can enable an option to track user activity. If Users Activity Log is enabled the data is stored on a secure dedicated server. This option is provided for customers who have to comply with regulations that require them to store records for all their employees communication. All servers are subjects to regular backups that are transferred to at least two different geo locations via a secured VPN connection. Brosix operates a distributed and redundant system. If some server fails, the users are automatically redirected to another server so they can keep communicating securely. Only approved administrators have access to the servers. 2 P a g e

Communication channels Brosix provides several controls to prevent sensitive data exposure while users communicate. Peer-to-Peer connections All communication channels established between users are preferably peer-to-peer (directly between the users, not going through a server). If no direct connection can be made between the clients, the communication goes through a Brosix tunnel server. In this case the sender encrypts and the recipient decrypts the data and the tunnel server does not see the original data. The server does not process, nor store the data. Data Compression and Encryption All communication channels are compressed and encrypted with AES 256-bit. This compressed and encrypted content can be interpreted only by the authorized Brosix user. Website SSL Encryption Brosix secures all its sensitive websites with 128-bit encryption using Secure Sockets Layer (SSL), which is the most widely used Internet standard for securing sensitive web data communications. SSL web server certificates are provided and signed by Geo Trust, Inc. Applications Brosix software communicates with the Brosix servers using proprietary protocols and data exchange methods. It is impossible to log into a Brosix IM network without the close coordination between the Brosix software and the Brosix servers. The data in a Brosix IM network is transferred using the software, which must establish a connection with a Brosix server to authenticate the user. These security features are inherent throughout the private IM network. Each user has to authenticate upon logon, and the communication between the users and servers is compressed, encoded, and encrypted. Application security Brosix client applications are signed with a code signing certificate provided by COMODO which ensures the publisher identity and proves that the application files have not been tampered or changed by third party. They are thoroughly tested to ensure the software quality and stability. 3 P a g e

End Users Authenticity All users that want to use Brosix have to authenticate. Authentication process goes through Brosix secure servers and ensures the users are really who they pretend to be. IM network administrators have full control from their Web Control Panels to: create/delete user accounts, block user accounts, allow/block communication between users, enable/disable application features for users. Brosix Staff Brosix staff that has access to the servers is highly motivated, well trained, and aware of customer s security. All of them are highly educated and continue to raise their qualifications every day. Following strict security principles, they strive to provide excellent customers experience. SAS-70, HIPAA, SSAE 16, HITECH Since Brosix does not process our customers financial information we are not subject to SAS-70. Brosix also does not process our customers health information so we are also not subject to HIPAA. Brosix provides secure communication channels that our customers use to transfer their information. During the transmission Brosix does not process, change, tamper or in any other way manipulate their data. Brosix customers who are subjects to SAS-70, HIPAA, SSAE 16, HITECH or any other regulation, can easily meet their requirements. Conclusion Brosix pays careful attention to the incorporation of security principles and standards in the design and operation of the Brosix infrastructure and services. Data security will remain the highest priority at Brosix, enabling us to continue providing efficient and secure instant communication services. 4 P a g e

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information