Recordia runs in ISO 27001 certified datacenters in Europe, the US, Latin America, and Asia. ISO 27001 is a security standard that describes the best practices in security management and a series of controls that follow ISO 27002 norms of best security practices, a well recognized and accepted global security standard.
All communications with the user interface are encrypted in a way that its content cannot be intercepted or sniffed. For the web access, both interface as well as the different SDKs, we use HTTPS protocol with digital certificates issued by the relevant certification authorities.
All communication between services is also encrypted and protected through security certificates.
All documents are stored once encrypted using the AES-256 algorithm.
All documents (calls, faxes, SMSs…) are digitally signed with a recognized digital signature. Additionally, external appliances to provision this signature can be used. This signature includes a time stamp issued by the relevant Time Stamp Authority (TSA), which guarantees data integrity in a given moment.
Data is stored with redundancy in different data centers and different devices within the same data center. Besides, we use sync mechanisms to assure integrity of all redound data. All of this combined offers 99.99999999% data persistence with a 99.9% prompt availability for any given year.
In order to protect its integrity and eventually a later modification of objects (records, SMSs, etc.) we generate a hush or digital thread on them. This thread is also digitally signed in order to detect any potential alterations.
Our logging and auditing system allows operators to precisely know who accessed what, when and from which device, thus allowing full access traceability, as Data Protection Laws require.
© Copyright 2017 by Recordia