Infortel Select meets the following standards
Trusted, Reliable, and Secure
Infortel Select is deployed via the secure, enterprise-grade Microsoft Azure cloud data center environment. Our infrastructure includes advanced security features, industry compliance certifications and periodic audits, and extensive data integrity and privacy protection. Data collection, storage, and end-user access are all designed and managed to minimize risk while and maximizing data usability.
Encrypted data collection via SFTP and encrypted cloud storage on Microsoft Azure
ISI deploys firewalls, intrusion detection, intrusion prevention, web application gateways, and web application firewalls to ensure the security and integrity of data
SAML SSO 2.0
Application security is maintained via secure sign-on methods, including SAML 2.0 or MFA via email, SMS, or authentication app
An enterprise-wide management system monitors all servers and network components for availability and failures. Alerts are monitored 24x7 by ISI’s highly trained personnel
We employ a secure development lifecycle to ensure the security of our software. From the design and development process to code and vulnerability review, security is top priority from start to finish
Backups & Recovery
All data is backed up daily to a geographically distinct data center. ISI offers a stated 24-hour Recovery Time Objective (RTO) and a 24-hour Recovery Point Objective (RPO)
Data Center Security
Infortel Select services are deployed via Azure, Microsoft’s state of the art, SSAE16 SOC 2 audited, highly-redundant service which provides ISI with a highly-available and secure, 24x7 monitored, and redundant environment.
Encrypted Data in Motion & at Rest
All data traversing the ISI network remains encrypted at all times and data at rest is also encrypted using an AES 256-bit methodology.
Certified Standards Compliance
The following is a partial list of security credentials supported by Infortel Select: ISO 27001, Cloud Security Alliance STAR certification, ISO/IEC 27018, SOC 1, NIST CSF Framework, SSAE, PCI, HIPAA, HITRUST, FERPA.
The following types of Personal information may be collected, stored, and reported upon:
- Company Name
- Organizational Hierarchy
- Department Name
- Employee Name
- Employee Title
- Employee email address
- Employee UPN
- Employee Telephone Number, Extension Number, or SIP URI
Call Detail Records include call date, call time, call duration, internal party name and telephone number, extension or SIP URI, telephone number dialed, calling party number, city state and country of call destination or origin.
The ISI customer owns all data provided. At the end of any contract or agreement, the customer is given the choice of having ISI return the data in machine readable format prior to destruction. All data will be deleted using NIST 800-88 standards.
ISI does not own or control any of the information it processes on behalf of ISI’s customers. All information is owned and controlled by ISI’s customers. In this capacity ISI receives information transferred and acts as a processor on behalf of its customer. ISI’s customers retain ownership and remains the data controller.
All data is backed up daily to a geographically distinct data center. In addition to regular backups, ISI uses Azure Site Recovery to replicate all data continuously to the backup region. All backups remain encrypted in transit and at rest. ISI tests restoration of backups quarterly. ISI offers a stated twenty-four-hour Recovery Time Objective (RTO) and a twenty-four-hour Recovery Point Objective (RPO).
Received and processed data is stored locally within the ISI data center. All data is encrypted. ISI uses an Azure Platform Key to encrypt data. The keys are rotated annually or on-demand in case of a suspected breach. All data is replicated three times within the data center.
All data retention periods are defined by the statement of work signed between ISI and the customer. Our standard retention policy includes thirteen months of storage. Additional storage may be purchased at an additional cost. Each night, older data is deleted. The ISI customer owns all data provided. At the end of any contract or agreement, the customer is given the choice of having ISI return the data in machine readable format prior to destruction. All data will be deleted using NIST 800-88 standards.
Yes. The most common method of transporting CDR and directory information from the customer premise to the ISI data center is via Secure FTP (SFTP) protocol. This ensures that call detail information is encrypted while passing through the public IP network. Some customer systems (such as Cisco Unified Communications Manager) can natively push data via SFTP to ISI. In other cases, ISI provides software or hardware that can push data to ISI using SFTP. This SFTP Push approach is typically the most desirable data transfer method because the session is initiated by a device behind the customer’s firewall.
If desired, a customer-provided and maintained proxy server may be employed to consolidate and redirect one or more SFTP sessions to the ISI SFTP server, thereby providing additional security.
Experience the power of ISI Analytics
Unified Communications has changed telecom and the ways we communicate. To secure the CDR reporting and data analytics visibility you need to access and use trapped call data, manage telecom infrastructure, monitor customer experience and employee productivity, and secure historical records, you need the power of ISI Analytics.Schedule a Demo Talk to an Expert