B2BPO Messaging Procedures, Data Security and HIPAA Compliance

This information is intended for Data Administrators responsible for the enforcement of security policies and for the protection of enterprise and customer data. Additionally, usage of B2BPO's messaging infrastructure by the Health Care Industry, operating under the HIPAA regulations, is addressed in this section. In general, any access to a system component that administers the creation and maintenance of Topics and Subscriptions is password protected. All updates to Data Topics and to the contents of Lists of Subscribers on those topics are logged. Messages conveying Data to the PostOffice are logged, as are topic subscriptions that result in data being downloaded to subscribers. The table below provides details:

Data Security and HIPAA Compliance - Feature List

Feature: Comment

User Authentication: All system components are protected by user authentication. No changes may be made to any messaging entities, such as Topics and Subscriptions, unless the user is authenticated.

Access Controls: The PostOffice application is not accessible by the public. Only authenticated users may reach it. The file system and access via applications are locked down. The web server that hosts the B2BPO application is also locked down behind a firewall.

Audit Trail: Log records are taken at each point of access to the administration system that sets up Topics and Subscriptions. Log records are also taken at each processing step, such as uploads and the forwarding of message data to subscribers. Access to the message logs is accomplished via subscriptions to discrete segments of the overall logs, where each segment covers a particular Topic.

Physical Security: When you install the B2BPO server behind your firewall, physical security depends on physical access to that computer on your network. Those accessing B2BPO as a web service are connecting to a server located inside an approved co-location facility employing industry-standard security that restricts access to the data center.

Remote Access: The only remote access to the internet server hosting B2BPO services is via secure protocol.

Intrusion Detection: The internet server hosting B2BPO services is protected by standard anti-intrusion techniques and software.

Data Transmission: Occurs over secure, configurable protocols (SSL is the default; SSH, SFTP).

Data At Rest: Encryption is controlled by deployment and configuration properties, which will handle any data uploaded to the PostOffice Server. All resident data will then be encrypted. Deployments of the B2BPO server software made behind firewalls may bypass the encryption by using alternate values for the deployment and configuration properties.