Infrastructure & Security
Electronic Security & Access Rights
- Users are assigned to groups, which are in turn assigned specific roles and rights for contracts within the system. This ensures tight control is exercised over what users can view and the actions they can take – so that they are in line with the service agreed with our clients, and that data leaks do not occur between unauthorised parties.
- The system uses a DigiCert SSL certificate to ensure all data transmitted between the site and users is encrypted using the strict cryptographic protocols as laid out in the HTTP specification, and cannot be intercepted by a 3rd party.
- The system data is held securely on servers that are not accessible other than via a highly secure virtual private network (VPN). This same approach is used to ensure that all administrative functions are carried out in the most secure manner possible by Yellowblox staff only, following fully documented, and audited, processes and procedures.
Workflow permissions, and change control
- All changes within the Yellowblox system are tagged with the username, company date, and time to ensure a complete audit trail of activity and processes is available.
- Through our use of roles and group assigned to contracts, we have the ability to control exactly which group or individual(s) can perform certain tasks or view certain information.
- Our bespoke filtering technology allows for the visibility of information – and the alerting to information – to be controlled, dependent upon agreed criteria such as the size of incurred on a claim, or the premium quoted on a policy.
- Similar techniques allow for claims/policies/referrals to be allocated to individual users/companies, and those people to only be able to see that set of information. This means you can allow third parties to have access while retaining complete confidence over your data security.
Hosted Infrastructure, SSL and Data centre security
- Yellowblox hosted services and SaaS solutions allow customers to delegate responsibility for running their services to Yellowblox. It ensures high system availability, 24-hours- a-day, 7-days-a-week, 365-days-a-year. Yellowblox hosting services are delivered from TDM Group data centres, which provides an extremely high standard of service including:
- Physically secure data centre facilities with 24/7 staffed surveillance video cameras, biometric entry systems and security breach alarms, private lockable cabinets, and fire suppression systems.
- Entire infrastructure housed behind robust firewall clusters utilising sophisticated intrusion detection systems with full redundancy on all routers, switches and firewalls between data centres.
- Fully redundant power supplies and Internet connectivity.
- Virtual Infrastructure utilising VMWare ESX hosts to quickly configure, maintain and support client systems.
- Disaster recovery and failover environment housed at a second location.
- Advanced hardware and software monitoring tools
- Availability of production and user acceptance testing environments upon request.
- By removing the need to send information around by email you are complying with the requirement in most jurisdictions to not send private information via unencrypted means.
- Data regulation including the DPA (Data Protection Act), the HIPAA (Health Insurance Portability and Accountability Act) Privacy & Security Rules and the HITECH (Health Information Technology for Economic and Clinical Health) Act restricts the sending of individually identifiable information via unencrypted methods (email).
- Yellowblox can help your business remove this risk factor from your business.
For more information contact us on +44 (0)845 094 1650, email us at email@example.com or sign-up to our newsletter.