Security

When choosing how to host the web-enabled InfoAnywhere system, we spared no expense in choosing the absolute best, safest, fastest and most secure solutions available. The Hospice InfoAnywhere system is run on its own high-end dedicated server, located in Canada, and it is not shared with other customers. It is runs on a secured version of Linux, which is specifically configured for web serving and no other tasks. This system is fire-walled, preventing unauthorized connections from accessing the machine. The server is located in a physically secured datacenter, which hosts thousands of other servers. All systems within the datacenter are n+1 redundant which means that, even fail-safes have fail-safes. Backup generators, multiple hard drives, multiple routers, cooling systems and battery power banks give real redundancy so the InfoAnywhere system will continue to operate regardless of external conditions. In the event the outside power is down, diesel generators supply constant, reliable power for all systems. From a physical perspective, the datacenter facility is patrolled 24/7 by security personnel and building access is constantly monitored by video surveillance. Biometric and keycard security is used to ensure that only authorized personnel can enter the Data Center. For connection redundancy and constant uptime, the data center has several extremely high speed connection to multiple points around the internet).

All data is encrypted with industry standard unbreakable SSL encryption that is used by military, government and financial institutions worldwide ensuring that nobody other than the authorized recipients can read any client information.

Data security is paramount with any system which deals with mission-critical data. For our InfoAnywhere users, we take data backup very seriously. There are systems in place to ensure that at any given time there are four copies of less-than-24-hour-old data available. First, there is the live copy of data, on the server, which is constantly being updated in real time. Secondly, every evening, a data backup is taken off the server and stored onto secured, alternate backup servers, hundreds of KM away by the internet hosting provider. Next, a daily backup is taken, which backs up all the databases to offsite servers. Finally, each organization is responsible for downloading their own copy of their system data and storing it securely on their sites. This download process is a one-click process and takes only seconds to transfer. These backups may be stored so that later-on, restores of historical or point-in-time data may be possible.

To ensure the security of information while on the server, access to the data is only granted to users which have a valid user ID and password. The system can be configured to allow several levels of access to the information based on how each user is set up. Additionally, all passwords are stored in an encrypted format (that even InfoAnywhere support cannot decrypt) within the database to further prevent the possibility of compromise. Users can be added and removed by administrators at any time.

Two-factor authentication (also known as 2FA) provides unambiguous identification of users by means of the combination of two different components. These components may be something that the user knows, something that the user possesses or something that is inseparable from the user. A good example from everyday life is the withdrawing of money from a cash machine. Only the correct combination of a bank card (something that the user possesses) and a PIN (personal identification number, i.e. something that the user knows) allows the transaction to be carried out. InfoAnywhere requires users to be in possession of a physical USB 'key' that is called for during the login process to ensure that the account cannot be accessed even if the username and password is compromised.

InfoAnywhere is restricted from access outside of Canada. Users seeking to use the InfoAnywhere system from a computer located outside of Canada will be required to complete a set of extra identity authentication measures at each login.

If you are considering InfoAnywhere for your hospice, please contact us. We would be happy to speak to you about the system, answer your questions, show you around and offer you a test account so you can explore and learn yourself. Contact us to schedule a free, no obligation consultation!.