Boosting Client Data Protection

Posted by Frank Strafford on June 6, 2018 in Data Security,
client data protection

Streamline Verify takes data security very seriously. It maintains up-to-date security systems, performs enhancements as required and implements recommendations. The company is on track to integrate further safeguards to its cryptographic protocols. This is concerning the June 30, 2018 deadline in compliance with the PCI Data Security Standard (PCI DSS). It was established to ensure that current security standards are adhered to for the protection of client data.

A Brief History of Data Security

Transfer of data necessarily requires that online communications are protected. It does this by encrypting such data through a cryptographic protocol. The parties can freely transact through a secured channel, keeping their data safe and confidential.

Netscape introduced this Transport Security Layer process through the development of its Secure Sockets Layer (SSL) in the early 1990’s. It has received multiple upgrades to its  capabilities to successfully repel online attackers from accessing sensitive information. Modifications to the following cryptographic protocols were conducted: SSL 3.0 (1996), TLS 1.0 (1990) TLS 1.1 (2006) and TLS 1.2 (2008).

How Does Removing Old SSL/TLS Help?

Currently, SSL and early TLS are open to attacks resulting in potential exposure of delicate data it seeks to protect. Its vulnerabilities were laid bare by the BEAST and POODLE exploits. The latter especially, underscores SSL 3.0’s inability to defend against it. BEAST on the other hand, is a “man in the middle attack” (MITM) which can capture encrypted data and acquire session cookies.

In light of this, the PCI DSS has prescribed a 30 June 2018 deadline to migrate from SSL/early TLS to TLS 1.1 or higher. TLS 1.2 is more favorable to further decrease any risks of data breach. Online and e-commerce websites using SSL/early TLS encryption protocols were advised to implement the necessary upgrades to preclude POODLE exposure and similar exploits.

Streamline Verify Servers Are Already Secure

The Streamline Verify servers are not vulnerable to these attacks and other known SSL/TLS. The Streamline Verify application has an A+ rating at SSL Labs though it will not stop there. Our servers have transitioned to TLS 1.2 to further boost security measures. Moving forward, Streamline Verify will consider upgrading to the recently ratified TLS 1.3 once more browsers support it.

As such, outdated browsers that do not comply with current security standards are advised to upgrade them immediately. This includes Internet Explorer versions prior to version 11 that do not support TLS 1.1 and TLS 1.2 by default. Streamline Verify will no longer support TLS 1.0 or TLS 1.1 (even though removal of TLS 1.1 is not mandated by PCI).

Clients using outdated versions may experience service interruptions. The company apologizes for any inconvenience this may cause and is on hand to assist with any concerns.

About Frank Strafford

About Frank Strafford

Related Articles

MFCU 2016 Annual Report: States Getting Better ...

June 5, 2017

State Medicaid Fraud Control Units are continuing a five-year trend of increasing convictions, civil settlements and exclusions for fraud and abuse. A report, released by the U.S. Department of Health...

Why We’ve Added Death Master ...

March 24, 2015

To save our clients from multi-million dollar settlements like this one. The Associated Press reports that a $4.5 million settlement has been reached with life insurers -- great news for the states, ...

President’s Proposed Budget Will Provide ...

February 25, 2015

Due to demographic evolution of the U.S. population, and the increasing age of the baby boomers, it is very likely that healthcare will be the fastest growing segment of the economy in the near future...

Understanding OIG Exclusions

OIG Exclusions Screening Process

Exclusion FAQS

Quick OIG Exclusion Basics

Employing Excluded Individuals

Consequences to Employing an Excluded Individual

OIG Compliance Law

Laws and Publications on OIG Compliance

More Compliance Resources

The Verify Way!

We build the best, so you can perform at your best.

Trusted for Good Reason

  • ✓ Guaranteed accurate
  • ✓ Certified Secure
  • ✓ Audit Proof
  • ✓ Feature-rich reporting
  • ✓ Round the clock real-time-data
  • ✓ Processing fully automated

Security First

  • ✓ Cloud hosted
  • ✓ Encrypted data
  • ✓ Real-time backups

Trusted for Accuracy

  • ✓ Physical security
  • ✓ Restricted access
  • ✓ Single sign-on
  • ✓ Password security
  • ✓ Certified secure
  • ✓ Cross checking

HEALTHCARE ESTABLISHMENTS NATIONWIDE COUNT ON STREAMLINE VERIFY

5

60%

Average workload reduction by implementing the Streamline Verify program

5

10K

Establishments trust Streamline Verify nationwide

5

2011

Serving the healthcare industry’s unique compliance needs since 2011

5

24X

Setting standards with hourly synchronization to primary source data

[class^="wpforms-"]
[class^="wpforms-"]