28 June 2010
Considering that the system makes no differentiation between its corporate and single user customers, all calls received need to be accounted for and secured!
Who may view a fax?
Now this question is not at all easy to answer; Consider an employee of a company performing illegal transactions via fax communications. Firstly, under South African law, any communications entering an organization is considered to be the property of that organization and is obliged to securely store such communications for a period of five years. Such organization may be requested to furnish such information to the necessary authorities in dealing with the said criminal activities and could be held liable should it not be able to produce said fax document/s
It is with this consideration that FaxFX can securely store users’ faxes, for five years (or at a cost if extended time period is required).
The user, which may be overridden by its organization if it exists, will be able to override this storage of data and force deletion of faxes once confirmation of delivery of said fax has been confirmed by the user either by the acceptance of a read receipt or by deleting the fax via the web interface (each user has access to his/her faxes and control of the users beneath him/her in a structured manner as created and managed by the various entity/ies themselves)
What special System Security considerations have been made to protect against most eventualities ranging from system failure to hacking?
- Firstly the system has been implemented on a LINUX platform (in support for government’s “open source” strategy) and therefore is not subject to the normal barricade of system attacks experienced by Microsoft® and related platform/s and/or products/services
- The system is Firewalled and continuously scanned of intrusions from the outside world
- The system checks for illegal access requests and any accesses to the system are tracked and logged for rollback and identification of usage activities
- The system does not reside on any one single machine nor is dependent on any one single machine ensuring no single point of failure
- Every machine in its own right has built in redundancy at the hardware layer including such best practice considerations such as RAID 5 with hot swappable drives, dual power supplies, etc
- The system is backed up daily offsite with a structured “fallback” and “rollback” plan for recovery. SPECIAL considerations have been made on system fault resolution to ENSURE that completed successful fax receptions are delivered to its appropriate destination
- The system is deployed in arguable one of the best sites in the country with direct access into the core Tier 1 Internet networks in South Africa and direct access into the International networks through multiple links into Europe and the USA
- Full physical security through access control
- Controlled environment with respect to temperature, humidity, power fluctuations and outages, etc
What can we expect in the near future?
- The system will shortly support full encrypted and secure sessions
- Every fax delivered will request a delivery receipt in order to confirm successful fax communications. The destination mail server is also interrogated in order to ensure remote mailbox message delivery and logging
- Allocation and distribution of security keys to end users. This will allow full encryption services thereby ensuring that the analogue fax receptions are encrypted at point of entry via ISDNPRI interfaces prior to file storage and email transmission
- Encrypted fax transmission for FaxOut (also known as print2fax) will be standard
- Various levels of Third party verification of FaxOut transmissions (this can be compared with “registered post” or the signing of a document by a Commissioner of Oaths or authorized and verified notice to the Sheriff of the Court)
There is a drive by some key customers to implement certain advanced services as indicated above. We are committed to doing so by being the only company in South Africa to be able to address these special requirements as our competitors use imported software which will not be customized by our foreign counterparts. In so doing, when we build it for one, we build it for all