Security & Disaster Planning
Cove Central has taken the extra step in addressing current issues faced today by every organization. Whether you are a law firm sending and receiving confidential documents, a healthcare facility that demands business continuity or a public school district requiring emergency planning, we have various solutions that will support you in every step of the way.
HIPAA AND SECURE ENCRYPTION
As we work with healthcare facilities, we install automated software to help manage HIPAA compliance from the technical and administrative aspects of handling medical information and storing data. We can also provide support in planning for physical safeguards and access restriction as well as, immediate updates to any personnel changes.
In addition, Cove Central has carefully selected IP phones that are highly secure and use SIP over Transport Layer Security (TLS/SSL) to provide the latest technology for enhanced network security. Lastly, we use the 3CX software PBX, which is the most secure VoIP platform today. 3CX has built-in security attributes including automatic generation and management of SSL certificates (A+ rating from SSL lab), as well as the following features:
-
Encryption of Voice Traffic via SRTP
-
All traffic to clients and via SBC is encrypted
-
More secure web server configuration allowing us to identify vulnerabilities and fraud countermeasures
-
Detection and auto blacklisting of SIP Attack tools
-
Security, backup and restore, update and failover automatic management
As each aspect of communicating information and delivering data goes thru the cloud, we want to make sure you are getting the most secure integrated solution available today without sacrificing speed and affordability.
DID YOU KNOW PASSKEYS ARE HIPAA COMPLIANT
As a method of authentication, passkeys exceed HIPAA requirements. If you are looking to add an extra layer of enterprise security to your digital communications. The Department of Health and Human Services lists three ways to verify a user’s identity. Each user must sign in with:
· a password or PIN only known to the user
· a smart card or key
· a fingerprint or facial image
Additionally, one of the Access Controls Security Standard (§164.312(a)) implementation specifications requires CEs assign a unique name and/or number for identification and tracking. Verification doesn’t need to be password-based - usernames with biometric authentication satisfy this requirement. Passkeys are far more secure than passwords because they require individual authentication for each user in every application: each challenge that the server sends is a new challenge, thus making the encryption unique every time a user signs in. The HIPAA Security Rule password requirements are based on NIST guidelines, but it’s acceptable to substitute alternative controls equal to or greater than the HIPAA requirement. Passkeys are a more secure method of authentication and exceed the HIPAA control.
9-1-1- ROUTING AND EMERGENCY PLANNING
Every business today must have an emergency plan in place. Whether they are life threatening, storm-stricken or fraudulent situations, you must have a plan on how to handle, manage and address the ramifications of each event after the fact.
-
Make sure your phones and network are designed to stay online during a power failure, including an alternate plan in place for how your staff will be able to communicate.
-
A good VoIP provider should also be able to tie all emergency calls to the location of each phone so that Emergency responders will be able to quickly locate the person calling for help.
Cove Central takes the extra time to input every user’s number in the system to assure that each phone number has immediate access to be able to dial 9-1-1.
DISASTER RECOVERY AND BACKUP
We have secure backups in place custom to each component of our services and included in every part of our offerings:
-
Email
-
Phone server
-
Data server
-
Application server
Most importantly, we have multi-location redundancy available in the event we need to recover data during a power failure, outage or other unforeseen circumstances.