[rev_slider security]

Customer data is one of your most valuable assets.

We’ve built our system from the ground up with their privacy in mind, with a laser focus on delivering a comprehensive, scalable call answering solution that is designed to provide you results while simultaneously keeping your data safe, your call interactions secure and your business protected. In fact, there’s a very good chance your caller data is handled more securely by our agents than it’s currently managed now by your staff and systems.

Methodology

YesTrak performs constant risk analysis to strive for the highest level of security for your business and your customer’s important data. Leading security practices have been integral to our system design since inception, and we continue to invest finances and effort towards staying on par with the rapidly-changing landscape in this critical area of operation. We perform full security audits of our processes and people regularly, correcting any inefficiencies on the fly.

Physical Security

YesTrak’s co-located servers are hosted at world-class, highly secure data centers utilizing state-of-the art electronic surveillance and multi-factor access control systems. Data centers are staffed 24×7 by trained security guards, and access is authorized strictly on a least privileged basis. Environmental systems are designed to minimize the impact of disruptions to operations, and multiple geographic regions and co-located availability zones allow the application to remain resilient in the face of most failure modes, including natural disasters or system failures.

Transmission Security

YesTrak servers are encrypted by default using industry standard SSL. This ensures that all traffic between your instance and YesTrak’s servers is secure during transit.

Access Control

All access to YesTrak is governed by access rights. Administrators can define privileges to individual users. Each request to YesTrak is accompanied by user identity credentials, allowing for segregation of customer data.

Vulnerability Management

We take a proactive approach to security, constantly testing our platform for vulnerabilities that could affect your instance. We build with industry-leading technology partners, and leverage enterprise-class security solutions, third-party security specialists and customized in-house diagnostics to analyze and address any vulnerabilities in the application or production infrastructure. When identified, these protocols allow us to swiftly mitigate any exposure and inform our clients of the nature and impact of any breach right away.

Network Security

YesTrak works with industry-leading vendors to deliver our network infrastructure. Our network storage facility has achieved ISO 27001 certification and been validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS). They undergo annual SOC 1 audits and have been successfully evaluated at the Moderate level for Federal government systems as well as DIACAP Level 2 for DoD systems. Additionally, the network is protected by best-in-class firewall and router technology, SSL encryption, file integrity monitoring, and network intrusion detection that monitors for malicious traffic and network attacks. Our incident management system gathers logs from all network systems and creates triggers based on correlated events.

Application Security

YesTrak maintains a detailed application audit trail, tracking events such as user log-ins or configuration changes to give you the power to determine where a process went off track internally. Additionally, we utilize best practice framework-level protections to help prevent application vulnerabilities.

Privacy

YesTrak is developed with industry-leading privacy controls in mind, over the standards HIPAA and PCI compliance are based on. In addition, information is obscured before it is ever passed to our call center agents. They never know private appointment data off your appointment calendar, only that a time is already booked.